Google’s automated “Bouncer” for apps, which should prevent harmful mobile software from appearing in the company’s app store, appears to have serious blind spots. The system repeatedly scanned but let pass an app that stealthily steals personal data such as photos and contacts, reported two researchers from computer security company Trustwave at the Black Hat security conference in Las Vegas yesterday.

Nicolas Percoco and Sean Schulte are members of Trustwave’s “ethical hacking” research group, known as SpiderLabs, and they created the app to probe Google’s ability to vet the software uploaded to its app store. The pair said the results shows that Google needs to improve both its app-scanning system and its Android operating system.

As more people trade desktop and laptop computers for smartphones and tablets, mobile security is becoming increasingly important. Many users also behave as if everything they download from an app store is safe.

The stunt is embarrassing for Google, which announced the existence of the Bouncer security system that scans apps in the company’s apps store in February this year, saying at the time that it had been used since late 2011 with success (see “Attacks on Android Intensify”). In June of this year, two researchers from another security company, Duo Security, attacked Bouncer itself, providing details of how it works.

Percoco and Schulte were more interested in showing how criminals hoping to make money from bad apps could bypass the Bouncer system. They uploaded a harmless app to Google’s app store and then successively upgraded it to be nastier and nastier to see how far they could go before Bouncer sprang into action.

The original app, called SMS Bloxor, simply blocked text messages from certain numbers. SMS blocking was chosen because the researchers wanted to deter users from downloading the app. Other apps—many of which are free—already offer the same functionality, and SMS Bloxor was priced at $49.95. “We did not want to have 5,000 users downloading our malicious app,” said Percoco. “I’m the only person that bought it.”

The first version had a simple “phone home” feature built in so the researchers would know if Bouncer tested the app. Google has not released technical details of Bouncer, but has said it tests apps by scanning their code and running them inside a simulated phone to see what they do. That involves giving an app Internet access, so when SMS Bloxor phoned home a few minutes after being uploaded to the Google Play store, it was clear Bouncer had scanned it. The app then appeared on the Google Play app store and was ready for anyone to download.

The researchers then submitted seven updated versions, each of which added more malicious features. The first was able to secretly send a person’s contacts to the app’s creators. The following versions could steal text messages, copy a phone’s identifying information, steal photos, steal call records, hijack the screen, and finally, attack an Internet address by flooding it with requests for data, a tactic that can take down websites if many infected computers work together, known as distributed denial of service (DDoS) attack.

“We kind of expected that one of these steps, like spoof screen or DDoS, would get us caught. And it didn’t,” said Schulte. Bouncer scanned and ran the updated versions of the app, but always let it pass. That was likely because Bouncer never saw the app at its worst. Although the versions scanned had all the code needed to do bad things, the researchers waited until after they’d slipped past Bouncer to send the app the final instructions it needed to enable malicious activity.

SMS Bloxor was finally pulled from the store after the researchers uploaded a version that continuously sent all the data from a device back to the app’s creators, without ever stopping. An automated e-mail informed Percoco that his developer account had been suspended, and the experiment was ended. No warning was sent to the one person that had paid for and downloaded the app–Percoco himself.

The pair informed Google of the experiment in advance of their presentation yesterday afternoon and met with representatives of the company immediately afterward to discuss their findings.

Percoco suggested that Google could expand the reach of Bouncer and make it a feature of every Android handset, where it could check the behavior of an app after it has been installed. Percoco also said Google should reconsider the feature that allows new code to be silently sent to apps after they have been uploaded to Google Play.

Google and other app-store providers first designed such stores primarily with a business model, rather than security, in mind, as competition to exploit the boom in mobile devices intensified. However, the large numbers of devices now in circulation and the intimate role they have in people’s lives has convinced many security experts that app stores will soon be subject to significant criminal efforts. Google reported last month that more than 400 million Android devices have been activated since they first became available in 2008 (see “Android Has Arrived”), and that a million more are activated every day.

Percoco said that Google and others have been lucky so far and still have time to get ahead of the coming wave. For now, most examples of mobile malware consist of targeted attacks against individuals, such as CEOs that might have access to valuable corporate data. “Round the corner is going to be some more widespread catastrophe that’s could hit tens of thousands or millions of users.”