How Android based phone helped me win American Idol
Elad Shapira (elad.shapira@avg.com)
Mobile Security Researcher
AVG Mobilation
Today’s agenda…
No worries – it will be Gr347!!!
Let’s get crazy..
Agenda
• Bad things malware can do to an Android device (Demo).
• Vectors that can be executed with SMSs (Demo).
• Artificial Intelligence in Android (Demo).
• TapJacking attack (Demo).
• Ideas for Denial of Service attacks.
• Current/future trends to come in malware (Demos!).
• Questions & Answers.


Disclaimer:
The information contained in this presentation is for learning purposes only.
Please don't use this information for other uses, except doing good to the world.
There are two rival football clubs in Tel Aviv (Israel):

Maccabi and Hapoel
Meet our participants for the next few slides

The Attacker and The Target
Greetings Hapoel fans…
I’m a fanatic Hapoel fan like you.. ahmm..
I want to recommend you my new app
with 24/7 updates about the team..
1337 app… you should install it!

The Attacker goes undercover…

How will the fans get it?!
The attacker’s honeypot for the fans

If we want to get a mass target base…
If I want a mass hacker target base
When scanning the QR code…

We can create a more “legit” URL & APK name that will convince the user to download the app.

The app downloaded to the device:
All is quiet.. But when the match is over..
• Background - Changed to Maccabi logo..
• Ringtone - Changed to Maccabi song..
• SMSs - Sent to all contacts found in the device
   – “We are losers… I don’t believe this!
     I'm such a lame to support this team. Maccabi rulez..”

• GPS coordinates (Latitude/longitude)…
Different content (Toast) by physical location

With that ability it’s a good thing you didn’t show your face in the stadium!

Don’t forget to tell your friends you witnessed that shame with your own eyes!
Demo workflow
• Step 1 – User installs the External APK file.
• Step 2 – External APK requests the user to install the Internal APK.
• Step 3 – External APK is removed (Internal APK keeps running).
• Step 4 – Date changed (trigger for the coming actions).
• Step 5 – Background is changed.
• Step 6 – A message is shown to the user (based on the user’s GPS location, for example inside the stadium).
• Step 7 – SMS sent to a contact (another device).
• Step 8 – Ringtone is changed.
• Step 9 – SMS from the mobile provider is dropped.
• Step 10 – If the device reboots, the Internal APK auto-starts.
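The demo steps above reduce to a few capabilities that are visible in the app's manifest before any code is decompiled. The following Python script is an added example (not code from the talk; the manifest it scans is constructed) that flags that combination: boot auto-start, an SMS receiver registered with an abusive priority, and SMS sending paired with contacts, location and wallpaper access.

```python
"""Triage an AndroidManifest.xml for the capability pattern behind the demo
steps: boot auto-start (step 10), an SMS receiver with an abusive priority
that sees the operator's SMS first (step 9), SMS sending plus contacts access
(step 7), location (step 6) and wallpaper changes (step 5).
Added example, not code from the talk; SAMPLE_MANIFEST is constructed."""
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
SMS_RECEIVED = "android.provider.Telephony.SMS_RECEIVED"
BOOT_COMPLETED = "android.intent.action.BOOT_COMPLETED"

# Label -> permissions that must ALL be requested for the label to apply.
COMBOS = {
    "sms_to_contacts":  {"android.permission.SEND_SMS",
                         "android.permission.READ_CONTACTS"},
    "sms_interception": {"android.permission.RECEIVE_SMS"},
    "boot_persistence": {"android.permission.RECEIVE_BOOT_COMPLETED"},
    "location_trigger": {"android.permission.ACCESS_FINE_LOCATION"},
    "wallpaper_change": {"android.permission.SET_WALLPAPER"},
}


def _attr(elem, name):
    """Read an android:-namespaced attribute from a manifest element."""
    return elem.get("{%s}%s" % (ANDROID_NS, name))


def analyze_manifest(xml_text, priority_threshold=999):
    """Return the requested permissions and the findings derived from them."""
    root = ET.fromstring(xml_text)
    perms = {_attr(p, "name") for p in root.iter("uses-permission")}
    findings = [label for label, needed in COMBOS.items() if needed <= perms]
    for recv in root.iter("receiver"):
        name = _attr(recv, "name")
        for flt in recv.iter("intent-filter"):
            actions = {_attr(a, "name") for a in flt.iter("action")}
            priority = int(_attr(flt, "priority") or 0)
            if BOOT_COMPLETED in actions:
                findings.append("boot_receiver:%s" % name)
            # Before Android 4.4 SMS_RECEIVED was an ordered broadcast: the
            # highest-priority receiver saw the message first and could abort
            # it, which is how "SMS from the mobile provider is dropped" works.
            if SMS_RECEIVED in actions and priority >= priority_threshold:
                findings.append("high_priority_sms_receiver:%s:%d"
                                % (name, priority))
    return {"permissions": sorted(perms), "findings": findings}


def verdict(report):
    """'review' when SMS interception is paired with a way to act on it."""
    found = report["findings"]
    intercepts = any(f.startswith("high_priority_sms_receiver:") for f in found)
    acts = {"sms_to_contacts", "boot_persistence"} & set(found)
    return "review" if intercepts and acts else "ok"


# Constructed manifest mirroring the demo app's capabilities (package name
# and labels are placeholders, not from any real sample).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.fanapp">
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
  <uses-permission android:name="android.permission.SET_WALLPAPER"/>
  <application android:label="Team News 24/7">
    <receiver android:name=".BootReceiver">
      <intent-filter>
        <action android:name="android.intent.action.BOOT_COMPLETED"/>
      </intent-filter>
    </receiver>
    <receiver android:name=".SmsReceiver">
      <intent-filter android:priority="2147483647">
        <action android:name="android.provider.Telephony.SMS_RECEIVED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>
"""

if __name__ == "__main__":
    report = analyze_manifest(SAMPLE_MANIFEST)
    for finding in report["findings"]:
        print(finding)
    print("verdict:", verdict(report))
```

From Android 4.4 onward the SMS_RECEIVED broadcast can no longer be aborted by a third-party receiver, so the drop step only works on the older releases the deck targets; the priority value itself remains a useful triage signal.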
This may also lead to the following scenario

             I’m telling you it’s the app! It’s the app!
             I am Hapoel fan! Aiiiiiiiii!!!!

Tip: This will work for cricket too..
From demo to real-life (1/3)
DogWar:
• Auto starts.
• SMS registration sent to PETA service.
• SMS text sent to contacts.
From demo to real-life (2/3)
• Jifake – usage of QR code.
• End of world Trojan – background changed.
• RogueSPPush – dropping and deleting the SMS; checking whether the SMS originated from the mobile operator or provider.
From demo to real-life (3/3)
• RogueSPPush
• SpyEye

Usage of high priority to get SMSs before other apps.
Phone calls can be manipulated as well
BaseBridge:
• Capable of ending calls.
• Capable of answering calls.
• Setting volume to ‘0’.
• Deleting records from the call log.
• Catching incoming phone calls.

What else can we do with SMSs?
Vectors that can be done with SMSs (1/2)
• Sending SMSs to premium numbers.
• Control a botnet for voting for American Idol.
• Running Linux commands on the device via SMSs.
• Get & use information about the user’s accounts
   – Used in banks, mobile payments.
• Phishing
   – Man in the Middle - redirect to a website.
   – Download my malicious app (with an exploit?)
• SPAM.
Vectors that can be done with SMSs (2/2)
• Target the mobile provider
   – Drop billing SMSs from the operator.
   – Offer discounts in the name of the provider.
   – Change the billing value.
• Search for specific words
   – ‘revolution’, ‘bomb’, ‘password recovery’..
• Used in other ’interesting’ places
   – We can steal a car using SMS; SCADA systems.
Artificial Intelligence in Android
• Automatic chat like the famous ‘Eliza’.
• Spotting SMSs with questions (W*?)
  – “cancel meeting” or “can’t come to the interview”…
• Spot co-workers and send them an SMS
  – “I don’t like working with you! You smell bad!!!!”
• Spot close-relation contacts and ‘play Cupid’
  – “Goodbye… I don’t want to see you anymore…
    I cheated you with…”.
From ClickJacking to TapJacking
• User is misled into performing undesired actions.
• There is no user indication
  – Actions take place in the background.
• Examples of undesired actions:
  – Installing malicious applications.
  – Changing security settings.
  – Performing a full device wipe.
  – More…
Permission-based security model
• Apps are not adequately reviewed before being placed on the Market.
• Permission-based security model
  – the average user is in charge of critical security decisions.
• The following example will be demonstrated:

What does ‘READ_PHONE_STATE’ mean?
Denial Of Service Attacks
• Control a botnet for Denial of Service attacks
  – Mobile operator / website / other target.
• Target the current mobile provider/manufacturer
  – Disable the internet & connectivity on the phone.
• Target a person
  – Disable his connectivity for a while..
• Drain the battery.
• Erase content and data on the device.
Other ways the bad guys can make $
• Blackmail
  – Encrypt content.
  – Copy the user’s files from the device to a remote server.
• Using the device’s CPU remotely via a botnet.

We love Android!
Current and future trends
• Use a device as a hacking platform (Demos!).
• Anti-debugging techniques (Demo).
• Usage of updated exploits (Demo).
• Social Engineering.
• Anti ‘Anti Virus‘.
• Getting malicious updates.
• Signed malware.
• Google TV.
• Android@home + Android@car.
Trend #1 – Use a device as hacking platform

• FaceNiff.
• Android Network Toolkit (Anti).
• DroidSheep.
• Caribou.
• More to come..

‘Point-Click-Root’
Trend #2 - Anti Debugging techniques
• Detecting if running in an emulator.
• ‘Debuggable’.
• Encryption.
• Obfuscation.
• Checking the checksum.
Trend #2 - Anti Debugging techniques
• NickiSpy – checking if it’s an emulator; getting the IMEI of the device.
• Lena – encryption algorithm.
Obfuscation - Can you analyze this?
  Yesss!!!!
I can read this!
Trend #3 – Usage of updated exploits (1/4)
Android versions:
• 1.5 “Cupcake”
• 1.6 “Donut”
• 2.0/2.1 “Éclair”
• 2.2 “FroYo”
• 2.3 “Gingerbread”
• 3.0/3.1 “Honeycomb”
• 4.X “Ice Cream Sandwich”
Trend #3 – Usage of updated exploits (2/4)




Trend #3 – Usage of updated exploits (3/4)
• GingerBreak
• Levitator
• Zimperlich
• KillingInTheNameOf
• RATC
• Exploid
Trend #3 – Usage of updated exploits (4/4)




GingerMaster – Gingerbreak exploit; scripts.
Trend#4 - Social Engineering

Examples: Jimm, NetFlix, Lena.
Trend#5 – Anti ‘Anti Virus’
Checking if an anti virus exists in the installed packages.

“Sorry” – the name says it all..

“Application (in the process) stopped unexpectedly, please try again” – “forced off”

BaseBridge
Trend#6 – Getting malicious updates (1/2)

Plankton:
• Connection to a remote server.
• Information collected and sent to the remote server.
• Jar file to download from the remote server.
Trend#6 – Getting malicious updates (2/2)


Plankton – Dalvik executable; dynamically loading the file.
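Trend #2 (emulator, ‘debuggable’ and checksum checks) and Trend #6 (a jar fetched from a server and loaded as a Dalvik executable) both leave recognisable strings in decompiled code. As an added example, not the talk's code, this Python scanner runs those indicators over a constructed snippet of decompiled Java and classifies what it finds; the regexes are a starting point for an analyst's triage, not a complete signature set.

```python
"""Scan decompiled Java-like source for the anti-analysis tricks of Trend #2
(emulator fingerprinting, debuggable/debugger checks, self-checksum) and the
remote-code pattern of Trend #6 (fetch a jar, load it with DexClassLoader).
Added example, not from the talk; SAMPLE is a constructed snippet."""
import re

# category -> regex applied to each line of decompiled source
INDICATORS = [
    # "000000000000000" is the emulator's IMEI; "goldfish"/"generic"/"sdk"
    # are the emulator kernel, build fingerprint prefix and product name.
    ("emulator_check",  r'"0{15}"|Build\.FINGERPRINT|"goldfish"|"generic"|"sdk"'),
    ("imei_read",       r'getDeviceId\(\)'),
    ("debugger_check",  r'FLAG_DEBUGGABLE|isDebuggerConnected\(\)'),
    ("self_checksum",   r'getCrc\(\)|CRC32|GET_SIGNATURES'),
    ("network_fetch",   r'openConnection\(\)|HttpURLConnection|DefaultHttpClient'),
    ("dynamic_loading", r'DexClassLoader|PathClassLoader|loadClass\('),
]
COMPILED = [(cat, re.compile(rx)) for cat, rx in INDICATORS]


def scan_source(text):
    """Return (line_number, category, matched_text) for every indicator hit."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for cat, rx in COMPILED:
            match = rx.search(line)
            if match:
                hits.append((lineno, cat, match.group(0)))
    return hits


def classify(hits):
    """Map raw hits to the two behaviours the slides describe."""
    cats = {cat for _, cat, _ in hits}
    verdicts = []
    if cats & {"emulator_check", "debugger_check", "self_checksum"}:
        verdicts.append("anti_analysis")
    # Dynamic loading alone is common in legitimate apps; only the pairing
    # with a network fetch matches the Plankton-style update pattern.
    if {"network_fetch", "dynamic_loading"} <= cats:
        verdicts.append("remote_code_loading")
    return verdicts


# Constructed decompiled-Java snippet combining both trends.
SAMPLE = """\
public class Updater {
    private boolean isEmulator(Context ctx) {
        TelephonyManager tm = (TelephonyManager) ctx.getSystemService(Context.TELEPHONY_SERVICE);
        String imei = tm.getDeviceId();
        return "000000000000000".equals(imei) || Build.FINGERPRINT.startsWith("generic");
    }
    private boolean isDebuggable(Context ctx) {
        return (ctx.getApplicationInfo().flags & ApplicationInfo.FLAG_DEBUGGABLE) != 0
                || Debug.isDebuggerConnected();
    }
    private long dexCrc(Context ctx) throws IOException {
        return new ZipFile(ctx.getPackageCodePath()).getEntry("classes.dex").getCrc();
    }
    private void update(Context ctx, String url) throws Exception {
        InputStream in = new URL(url).openConnection().getInputStream();
        File jar = new File(ctx.getFilesDir(), "plugin.jar");
        ClassLoader cl = new DexClassLoader(jar.getPath(), ctx.getCacheDir().getPath(), null, ctx.getClassLoader());
        cl.loadClass("com.example.Plugin").newInstance();
    }
}
"""

if __name__ == "__main__":
    found = scan_source(SAMPLE)
    for lineno, cat, text in found:
        print("line %2d  %-16s %s" % (lineno, cat, text))
    print("verdicts:", classify(found))
```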
Trend#7 – Signed malware (1/2)
• Original legitimate Google certificate.
• DroidKungFu – signed with a ‘fake’ certificate.
Trend#7 – Signed malware (2/2)




Trend#8 - Google TV
• Google TV is a Smart TV platform from Google.
• Announced on May 20, 2010 (Google I/O event).
• Co-developed by Google, Intel, Sony and Logitech.
• Integrates Google’s Android operating system and the Linux version of the Google Chrome browser.
• Creates an interactive television overlay on top of existing internet television and WebTV sites.
Few scenarios for exploiting Google TV
1 - Channel redirection
    How did Jay Leno get a higher rating than the Super Bowl???
2 - Adding commercials & hidden frames
3 - Information warfare

Not a Google TV..
Trend#9 - Android@home
• Android phone/tablet
   – Interface between you and every electronic device.
• Using your phone you’ll be able to:
   – dim the lights.
   – turn up the heating.
   – switch on your television.
• Your device has GPS ->
   – switch off the lights.
   – put the TV on standby.
   – turn the heating back down.
Trend#9 - Android@car
I repeat. I am in the middle of a car chase!
There’s no driver in the vehicle!!!
Now you know how I won American Idol…

“I'm s-h-o-c-k-e-d.
I think you should not sing. Really.
But it turns out that the audience at home love you..”

Simon Cowell, Judge in American Idol
Will this be the topic for next year?

• Feel free to stay in touch..
  Elad.Shapira@avg.com

• Thanks go to:
  – ClubHack organizers.
  – AVG Mobilation founder & CTO, Dror Shalev.

Hacked Windows Phone 7
Q&A

Thank you!

 

Último (20)

Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and pains
 
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
 
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...
 
Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...
 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update  Presentation SlidesKeppel Ltd. 1Q 2024 Business Update  Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges --  Guest House in Jhang.M.C Lodges --  Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.
 
Progress Report - Oracle Database Analyst Summit
Progress  Report - Oracle Database Analyst SummitProgress  Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst Summit
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
 
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101  - Basics on Growth MarketingTech Startup Growth Hacking 101  - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdf
 
GD Birla and his contribution in management
GD Birla and his contribution in managementGD Birla and his contribution in management
GD Birla and his contribution in management
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
 
Best Basmati Rice Manufacturers in India
Best Basmati Rice Manufacturers in IndiaBest Basmati Rice Manufacturers in India
Best Basmati Rice Manufacturers in India
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A  SALESMAN / WOMANA DAY IN THE LIFE OF A  SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMAN
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
 
Understanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key InsightsUnderstanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key Insights
 

How Android Based Phone Helped Me Win American Idol (Elad Shapira)

  • 1.
  • 2. How Android based phone helped me win American Idol. Elad Shapira (elad.shapira@avg.com), Mobile Security Researcher, AVG Mobilation.
  • 3. Today’s agenda… No worries – it will be Gr347!!! Let’s get crazy..
  • 4. Agenda: • Bad things a malware can do to an Android device (Demo). • Vectors that can be done with SMSs (Demo). • Artificial Intelligence in Android (Demo). • TapJacking attack (Demo). • Ideas for Denial of Service attacks. • Current/future trends to come in malware (Demos!). • Questions & Answers. Disclaimer: The information contained in this presentation is for learning purposes only. Please don't use this information for other uses, except doing good to the world.
  • 5. There are two opposing football clubs in Tel Aviv (Israel): Maccabi and Hapoel.
  • 6. Meet our participants for the next few slides: The Attacker and The Target.
  • 7. Greetings Hapoel fans… I’m a fanatic Hapoel fan like you.. ahmm.. I want to recommend you my new app with 24/7 updates about the team.. 1337 app… you should install it! The Attacker goes undercover… How will the fans get it?!
  • 8. The attacker’s honeypot for the fans: if we want to get a mass target base…
  • 9. If I want a mass hacker target base…
  • 10. When scanning the QR code… we can create a more “legit” URL & APK name that will convince the user to download the app. The app downloaded to the device:
  • 11. All is quiet.. But when the match is over.. • Background – changed to the Maccabi logo.. • Ringtone – changed to the Maccabi song.. • SMSs – sent to all contacts found on the device: “We are losers… I don’t believe this! I'm such a lame to support this team. Maccabi rulez..” • GPS coordinates (latitude/longitude)…
  • 12. Different content (Toast) by physical location. With that ability: it’s a good thing you didn’t show your face in the stadium! Don’t forget to tell your friends you witnessed that shame with your own eyes!
  • 13. Demo workflow: • Step 1 – User installs the External APK file. • Step 2 – The External APK requests the user to install the Internal APK. • Step 3 – The External APK is removed (the Internal APK keeps running). • Step 4 – Date changed (trigger for the coming actions). • Step 5 – Background is changed. • Step 6 – A message is shown to the user (based on the user’s GPS location, for example inside the stadium). • Step 7 – SMS sent to a contact (another device). • Step 8 – Ringtone is changed. • Step 9 – SMS from the mobile provider is dropped. • Step 10 – If the device reboots, the Internal APK auto-starts.
  • 14. This may also lead to the following scenario: I’m telling you it’s the app! It’s the app! I am a Hapoel fan! Aiiiiiiiii!!!! Tip: This will work for Cricket too..
  • 15. From demo to real-life (1/3): Auto starts; DogWar; SMS registration sent to PETA service; SMS text sent to contacts.
  • 16. From demo to real-life (2/3): Usage of QR code; End of world Trojan; Background changed; Jifake; RogueSPPush; Dropping and deleting the SMS; Checking whether the SMS originated from the mobile operator or provider.
  • 17. From demo to real-life (3/3): trick?! RogueSPPush; SpyEye; Usage of high priority to get SMSs before other apps.
  • 18. Phone calls can be manipulated as well: Capable of ending calls; BaseBridge; Capable of answering calls; Setting volume to ‘0’; Deleting a record from the call log; Catching incoming phone calls. What else can we do with SMSs?
  • 19. Vectors that can be done with SMSs (1/2): • Sending SMSs to premium numbers. • Controlling a botnet for voting for American Idol. • Running Linux commands on the device via SMSs. • Getting & using information about the user’s accounts – used in banks, mobile payments. • Phishing – Man in the Middle – redirect to a website. – Download my malicious app (with an exploit?) • SPAM.
  • 20. Vectors that can be done with SMSs (2/2): • Target the mobile provider – Drop billing SMSs from the operator. – Offer discounts in the name of the provider. – Change the billing value. • Search for specific words – ‘revolution’, ‘bomb’, ‘password recovery’.. • Used in other ’interesting’ places – We can steal a car using SMS, SCADA systems.
  • 21. Artificial Intelligence in Android: • Automatic chat like the famous ‘Eliza’. • Spotting SMSs with questions (W*?) – “cancel meeting” or “can’t come to the interview”… • Spot co-workers and send them an SMS – “I don’t like working with you! You smell bad!!!!” • Spot close-relation contacts and ‘play Cupid’ – “Goodbye… I don’t want to see you anymore… I cheated you with…”.
  • 22. From ClickJacking to TapJacking: • The user is misled into performing undesired actions. • There is no user indication – actions take place in the background. • Examples of undesired actions: – Installing malicious applications. – Changing security settings. – Performing a full device wipe. – More…
  • 23. Permission-based security model: • Apps are not adequately reviewed before being placed on the Market. • Permission-based security model – the average user is in charge of critical security decisions. • The following example will be demonstrated: What does ‘READ_PHONE_STATE’ mean?
  • 24. Denial of Service attacks: • Control a botnet for Denial of Service attacks – mobile operator / website / other target. • Target the current mobile provider/manufacturer – disable the internet & connectivity on the phone. • Target a person – disable his connectivity for a while.. • Cause battery loss. • Erase content and data on the device.
  • 25. Other ways the bad guys can make $: • Blackmail – Encrypt content. – Copy the user’s files from the device to a remote server. • Using the device’s CPU remotely with a botnet. We love Android!
  • 26. Current and future trends: • Use a device as a hacking platform (Demos!). • Anti-debugging techniques (Demo). • Usage of updated exploits (Demo). • Social engineering. • Anti ‘Anti Virus‘. • Getting malicious updates. • Signed malware. • Google TV. • Android@home + Android@car.
  • 27. Trend #1 – Use a device as a hacking platform: • Facesniff. • ‘Point-Click-Root’. • Android Network Toolkit (Anti). • DroidSheep. • Caribou. • More to come..
  • 28. Trend #2 – Anti-debugging techniques: • Detecting if running in an emulator. • ‘Debuggable’. • Encryption. • Obfuscation. • Checking checksum.
  • 29. Trend #2 – Anti-debugging techniques: Checking if it’s an emulator; NickiSpy; Getting the IMEI of the device; Encryption algorithm; Lena.
  • 30. Obfuscation – Can you analyze this? Yesss!!!! I can read this!
  • 31. Trend #3 – Usage of updated exploits (1/4). Android versions: • 1.5 “Cupcake” • 1.6 “Donut” • 2.0/2.1 “Éclair” • 2.2 “FroYo” • 2.3 “Gingerbread” • 3.0/3.1 “Honeycomb” • 4.X “Ice Cream Sandwich”
  • 32. Trend #3 – Usage of updated exploits (2/4).
  • 33. Trend #3 – Usage of updated exploits (3/4): GingerBreak; Levitator; GingerBreak; Zimperlich; KillingInTheNameOf; RATC; Exploid.
  • 34. Trend #3 – Usage of updated exploits (4/4): Gingerbreak exploit; Scripts; GingerMaster.
  • 35. Trend #4 – Social engineering: Jimm; NetFlix; Lena.
  • 36. Trend #5 – Anti ‘Anti Virus’: Checking if an anti-virus exists in the installed packages. “Sorry” – the name says it all.. “Application (in the process) stopped unexpectedly, please try again”; “forced off”; BaseBridge.
  • 37. Trend #6 – Getting malicious updates (1/2): Connection to a remote server; Information collected and sent to the remote server; Jar file to download from the remote server; Plankton.
  • 38. Trend #6 – Getting malicious updates (2/2): Plankton; Dalvik executable; Dynamically loading the file.
  • 39. Trend #7 – Signed malware (1/2): Original legitimate Google certificate; DroidKungFu – signed with a ‘fake’ certificate.
  • 40. Trend #7 – Signed malware (2/2).
  • 41. Trend #8 – Google TV: • Google TV is a Smart TV platform from Google. • Announced on May 20, 2010 (Google I/O event). • Co-developed by Google, Intel, Sony and Logitech. • Integrates Google’s Android operating system and the Linux version of the Google Chrome browser. • Creates an interactive television overlay on top of existing internet television and WebTV sites.
  • 42. A few scenarios for exploiting Google TV: 1 – Channel redirection (How did Jay Leno get a higher rating than the Super Bowl???). 2 – Adding commercials & hidden frames. 3 – Information warfare. Not a Google TV..
  • 43. Trend #9 – Android@home: • Android phone/tablet – the interface between you and every electronic device. • Using your phone you’ll be able to: – dim the lights. – turn up the heating. – switch on your television. • Your device has GPS -> – switch off the lights. – put the TV on standby. – turn the heating back down.
  • 44. Trend #9 – Android@car: I repeat. I am in the middle of a car chase! There’s no driver in the vehicle!!!
  • 45. Now you know how I won American Idol… I'm s-h-o-c-k-e-d. I think you should not sing. Really. But it turns out that the audience at home loves you.. – Simon Cowell, judge on American Idol.
  • 46. Will this be the topic for next year? • Feel free to stay in touch.. Elad.Shapira@avg.com • Thanks go to: – ClubHack organizers. – AVG Mobilation founder & CTO, Dror Shalev. Hacked Windows Phone 7.
  • 48.
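Slides 11, 13, 16–18 and 23 describe the manifest-level footprint of the demo app and the real samples it mirrors: SEND_SMS plus READ_CONTACTS for the mass text to every contact, a high-priority SMS_RECEIVED receiver that sees (and can drop) the operator's billing SMS before other apps, RECEIVE_BOOT_COMPLETED for the auto-start after reboot, and READ_PHONE_STATE for the IMEI. The analyst-side check below is an added example written for this page, not code from the talk or from AVG: it parses an AndroidManifest.xml and flags those declarations so a reviewer or an app-store vetting pipeline can triage a package before anyone taps "install". The manifest, the package name, the receiver names and the severity thresholds are all constructed for the example; a finding is a hint for a human reviewer, since legitimate messaging apps declare some of the same things.

```python
"""Heuristic AndroidManifest.xml triage for the behaviours the slides describe.

Added example (not from the deck): flags permission combinations and receiver
declarations matching the malware patterns in the talk. Severity levels and
the priority threshold are this example's own choices, not Android constants.
"""
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"


def attr(el, name):
    """Read an android:-namespaced attribute from a manifest element."""
    return el.get("{%s}%s" % (ANDROID_NS, name))


# Permission sets that together enable a behaviour from the slides.
SUSPICIOUS_COMBOS = [
    ({"android.permission.SEND_SMS", "android.permission.READ_CONTACTS"},
     "HIGH", "can text every contact on the device (slide 11 scenario)"),
    ({"android.permission.RECEIVE_SMS", "android.permission.SEND_SMS"},
     "MEDIUM", "can both read and answer SMS (premium-number / control-over-SMS patterns)"),
    ({"android.permission.RECEIVE_BOOT_COMPLETED"},
     "LOW", "a component can auto-start after reboot (demo step 10)"),
    ({"android.permission.READ_PHONE_STATE"},
     "LOW", "can read the IMEI and phone number (slide 23)"),
]

SMS_ACTION = "android.provider.Telephony.SMS_RECEIVED"
HIGH_PRIORITY = 1000  # example threshold: receivers at or above this beat the stock SMS app


def analyze_manifest(xml_text):
    """Return findings as a list of (severity, description), most severe first."""
    root = ET.fromstring(xml_text)
    findings = []

    perms = {attr(p, "name") for p in root.iter("uses-permission")}
    for needed, sev, why in SUSPICIOUS_COMBOS:
        if needed <= perms:
            findings.append((sev, "%s: %s" % (", ".join(sorted(needed)), why)))

    # A high-priority SMS_RECEIVED receiver gets the broadcast before the
    # messaging app and can abort it: the "drop the operator's SMS" trick
    # shown on slides 16-17.
    for receiver in root.iter("receiver"):
        for flt in receiver.findall("intent-filter"):
            actions = {attr(a, "name") for a in flt.findall("action")}
            if SMS_ACTION not in actions:
                continue
            prio = attr(flt, "priority")
            prio_val = int(prio) if prio is not None else 0
            name = attr(receiver, "name")
            if prio_val >= HIGH_PRIORITY:
                findings.append(("HIGH", "receiver %s listens for SMS_RECEIVED with priority %d"
                                 % (name, prio_val)))
            else:
                findings.append(("MEDIUM", "receiver %s listens for SMS_RECEIVED" % name))

    order = {"HIGH": 0, "MEDIUM": 1, "LOW": 2}
    return sorted(findings, key=lambda f: (order[f[0]], f[1]))


# Constructed manifest modelled on the demo app's footprint; not a real sample.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.fanupdates">
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.SEND_SMS"/>
    <uses-permission android:name="android.permission.RECEIVE_SMS"/>
    <uses-permission android:name="android.permission.READ_CONTACTS"/>
    <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
    <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
    <application android:label="Fan Updates">
        <receiver android:name=".SmsGrabber">
            <intent-filter android:priority="2147483647">
                <action android:name="android.provider.Telephony.SMS_RECEIVED"/>
            </intent-filter>
        </receiver>
        <receiver android:name=".BootStarter">
            <intent-filter>
                <action android:name="android.intent.action.BOOT_COMPLETED"/>
            </intent-filter>
        </receiver>
    </application>
</manifest>
"""

if __name__ == "__main__":
    for sev, desc in analyze_manifest(SAMPLE_MANIFEST):
        print("[%s] %s" % (sev, desc))
```

Run against the constructed manifest it reports two HIGH findings (the contact-list texting combo and the maximum-priority SMS receiver), one MEDIUM and two LOW; a manifest that only asks for INTERNET produces nothing. The same function can be pointed at a manifest pulled out of an APK with a decoder such as apktool, which is how the permission question on slide 23 gets answered for a user who cannot read the prompt.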