This document discusses mobile botnets and rootkits. It begins by introducing the author and their work in mobile malware analysis. Various examples of existing mobile malware are provided, including botnets that coordinate infected devices and rootkits that hide on phones. The document outlines characteristics of botnets like command and control and how they are used for attacks. It also defines rootkits and provides examples found in the wild for Symbian and other mobile platforms. Finally, it discusses the potential for future mobile botnets and rootkits as the capabilities of smartphones increase.
This presentation gives an overview of various security issues in mobile phones having different operating systems. Ways to avoid spamming and malware in our mobile phones are also presented.
This document discusses mobile security and provides tips to stay safe. It outlines the importance of protecting mobile phones given they store personal data. It describes types of mobile securities including device security using locks and remote wiping, and application security using encryption and authentication. The document also discusses types of mobile threats such as those from applications, the web, and networks. It provides examples of malware and privacy threats from applications like Truecaller and VLC player. Finally, it lists tips for staying safe such as using passwords, updating phones, avoiding unknown apps and links, backing up data, and using antivirus software.
The above PPT contains the following content:
1. SPREADING OF VIRUS
2. ANAMNESIS (CASE STUDIES)
3. CURRENT STATUS OF MOBILE MALWARE
4. PROTECTIVE MEASURES
5. THREATS OF MOBILE PHONE
6. CONCLUSION
The detailed PROTECTIVE MEASURES are given in the above PPT.
This document discusses mobile security and provides tips to stay safe. It begins with an introduction on how mobile phones are now used for more than calls and texts, and contain private data. It then covers security issues like physical theft, unencrypted voice calls and texts, and identifying IMEI numbers. The document details types of mobile security including device security measures like locks and remote wiping, and application security such as encryption and authentication. Mobile threats are reviewed like malware, phishing, and network exploits. Finally, tips are provided such as only downloading from trusted sources, setting passwords, using security tools, and being aware of unusual phone behaviors.
The document discusses threats from mobile malware and viruses and provides strategies for protecting smartphones. It notes that as smartphones have become pocket computers, they are now susceptible to many of the same threats as computers like viruses, worms and trojans. These threats can spread via the internet, Bluetooth, MMS and more. The document then examines some specific examples of early mobile viruses and worms. It concludes by recommending security best practices like using passcodes, enabling auto-lock, being wary of Bluetooth and downloads, and maintaining awareness of social engineering threats.
This document discusses mobile security and contains information about Tajwar Khan, a cyber security expert. It outlines three main vectors of network attacks on mobile devices: network exploits, OS exploits, and infected apps. It discusses damages these attacks can cause like stealing location, contacts, passwords. It addresses common misconceptions around mobile security like thinking MDM, secure containers or antivirus can fully protect devices. It emphasizes that mobile threats are a big deal and outlines building blocks and solutions for maximum mobile security without impacting usability.
In this presentation, Sowmya presents an interesting application that finds malware/viruses in mobile platforms through the use of data mining techniques.
The document discusses several topics related to security for mobile devices and networks. It addresses two main components of mobile security: device security and network security. It then examines specific issues like cryptographic security using cryptographically generated addresses, LDAP security, RAS security, and various attacks on mobile devices like theft, viruses, phishing variants (mishing, vishing, smishing), and hacking of Bluetooth. Prevention and protection techniques are also proposed for many of these threats.
This document discusses mobile viruses and security. It describes how cell phone viruses work and spread via methods like Bluetooth, multimedia messages, and internet downloads. Various types of viruses are mentioned that can cause issues like excessive calls/texts, sending private information, or slowing phone performance. The document outlines some differences between mobile and PC viruses in terms of the ability to rollout security patches. It recommends ways to protect phones like not opening unknown files, turning off Bluetooth discoverability, and keeping phones locked or hidden.
This document discusses various security risks associated with smartphones and methods to protect personal information. It outlines three major smartphone operating systems - Android, iOS, and Windows. It then lists interesting smartphone usage statistics and various attacks hackers can perform by accessing a user's smartphone like listening to calls, accessing internet browsing history, and stealing personal information. The document also provides examples of phishing attacks and ways to protect against them such as checking website URLs and SSL certificates. Physical theft of smartphones is also discussed along with using encryption and lock screens for protection. Downloading apps only from trusted sources is recommended to avoid malicious apps posing as legitimate ones.
A cell phone is the basic requirement for any type of communication around the world, so you are supposed to know the minimum basic information about your cell phone, viruses and its security.
Mobile phone security threats can be categorized into threats related to device and data security, mobile connectivity security, and mobile application and operating system security. The typical impacts of attacks include exposure of personal information, monetary loss from unauthorized premium services, privacy attacks through location tracking and call/SMS monitoring, and losing control of the phone to become a zombie for targeted attacks. Key mitigation strategies include recording the IMEI number, enabling device locking, using a SIM PIN, updating the operating system and applications, only installing apps from trusted sources, and being cautious of location tracking and unknown Wi-Fi networks.
Supporting the global efforts in strengthening the safety, security and resilience of Cyberspace, the Commonwealth Cybersecurity Forum 2013, organised by the Commonwealth Telecommunications Organisation. The ceremonial opening examined how Cyberspace could be governed and utilised in a manner to foster freedom and entrepreneurship, while protecting individuals, property and the state, leading to socio-economic development. Speakers of this session, Mr Mario Maniewicz, Chief, Department of Infrastructure, Enabling Environment and E-Applications, ITU; Mr David Pollington, Director, International Security Relations, Microsoft; Mr Alexander Seger, Secretary, Cybercrime Convention Committee, Council of Europe; Mr Nigel Hickson, Vice President, Europe, ICANN and Mr Pierre Dandjinou, Vice President, Africa, ICANN, added their perspectives on various approaches to Cybergovernance, with general agreement on the role Cyberspace could play to facilitate development equitably and fairly across the world.
Hosted by the Ministry of Posts and Telecommunications of Cameroon together with the Telecommunications Regulatory Board of Cameroon and backed by partners and industry supporters including ICANN, Council of Europe, Microsoft, MTN Cameroon, AFRINIC and Internet Watch Foundation, the Commonwealth Cybersecurity Forum 2013 seeks to broaden stakeholder dialogue to facilitate practical action in Cybergovernance and Cybersecurity, some of which will be reflected in the CTO’s own work programmes under its Cybersecurity agenda.
This document provides tips for securing a mobile phone and protecting personal data. It recommends setting an auto-lock on the phone screen with a strong password to prevent unauthorized access if the phone is lost or stolen. It also advises keeping phone apps and software up to date by installing updates to fix vulnerabilities, only downloading apps from trusted sources, avoiding online transactions on public WiFi networks, and using mobile security software to protect the phone from malware and spyware threats like malicious apps.
The document discusses various aspects of Android security. It covers kernel security features like process isolation and permissions. It describes how the application sandbox isolates apps and assigns unique IDs. It also discusses system security mechanisms like encryption, verified boot, and updates. Common Android vulnerabilities are outlined like rooting, repackaging apps, update attacks, and drive-by downloads.
Mobile security involves protecting mobile devices and data from threats like malware, theft, and unauthorized access. Application security aims to prevent apps from stealing or hijacking data or code through measures like preventing vulnerabilities. End users are the first line of defense against threats like phishing scams. Common mobile security threats include data leakage from apps sending personal data to servers, network spoofing through fake Wi-Fi connections, social engineering tricks, malicious apps, and improper handling of sessions between mobile apps and backend servers.
Smartphone users should take steps to secure their devices and information, as smartphones can store private contacts, messages, pictures, videos, and files which, if lost or stolen, could put that information into the wrong hands. Smartphones are also at risk of viruses and malware that can cause data loss or spread to corporate networks that smartphones connect to. Key steps include using antivirus software, only connecting to secure Wi-Fi networks, using strong passwords to secure Bluetooth and data transfers, and encrypting official and personal information, as well as always using a secured VPN when connecting to office or corporate networks.
This presentation has been created by Mr. Santhosh Kumar (Certified Ethical Hacker)
College : Mount Zion College of Engineering and Technology
Department : CSE
Year : second
Year of Publishing : 2019
The study found a 400% increase in Android malware and that mobile devices are exposed to a record number of security threats. The greatest source of mobile malware is application downloads, so users should consider antivirus apps. Android and Facebook have seen large increases in malicious campaigns. SMS is also risky, as 17% of infections came from SMS Trojans that incurred charges. The study also noted that 20% of teens admit to sending inappropriate content from mobile devices. Mobile devices are unprotected because they can be easily stolen or lost without precautions, and intruders can sometimes gain access if devices are left unprotected or malware is installed.
Security challenges of smart phone & mobile device
Visualizing mobile security
Attacks moving to mobile – why?
What your phone knows & what it shares
Smart phone & mobile device the threats
Countermeasures
Mobile security best practices
This document discusses smartphone security issues and provides recommendations for addressing them. It covers losing your smartphone, malicious software, malicious QR codes, vulnerable wireless networks, and secure mobile development. The main recommendations are to lock your phone with a password, backup data, install trusted apps, review app permissions, keep your phone and apps updated, use secure networks, and follow best practices for secure mobile development.
The document provides tips for securing smartphones, including enabling password protection, installing antivirus software, updating the operating system regularly, downloading apps only from official app stores, being cautious on public WiFi networks, turning off Bluetooth when not in use, and backing up data. Following these tips such as using passwords, antivirus software, and updating the OS can help protect smartphones from cyber attacks and data theft. The document emphasizes that as smartphones take on more functions of computers, it is important to treat mobile security like computer security.
The document discusses mobile security tips for smartphones. It recommends enabling a password on one's phone, installing anti-virus software, keeping the operating system updated, only downloading apps from official app stores, being cautious on public WiFi networks, turning off Bluetooth when not in use, and backing up one's data regularly. Following these tips can help protect a smartphone from cyber threats and data loss.
Digital security involves protecting electronic devices like computers from viruses, malware, spyware, and hackers. Viruses can copy themselves and infect computers without permission. Malware is designed to damage computers secretly. Spyware monitors browsing and shows unwanted ads. Hackers illegally access systems and cause problems. People can safeguard themselves by using unique, changed passwords and not sharing information. Security software also helps protect digital lives.
Smartphone Security Guide: The Easiest Way to Keep Your Phone & Data Secure (Heimdal Security)
Smartphone Security Guide: The easiest way to keep your phone & data secure. Follow this step-by-step guide in order to enhance your smartphone's security and privacy and keep your data safe.
You can read the extended version here: https://heimdalsecurity.com/blog/smartphone-security-guide-keep-your-phone-data-safe/
“Design and Detection of Mobile Botnet Attacks” (iosrjce)
A mobile botnet is a type of bot that runs automatically when installed on a mobile phone which does not have any anti-malware. The botnet gains complete access over our mobile device. The common propagation media for smartphone-based botnet attacks are SMS, Bluetooth and Wi-Fi. In our project, we will demonstrate an SMS-cum-Wi-Fi based mobile botnet using a centralized C&C server. The botmaster initiates commands to the C&C server and the C&C propagates them to infected smartphones, i.e. bots. We will try to develop a network which cannot be detected easily and propagates fast. The target of the propagation will be the Android Operating System. For detection, an application is created to detect whether the smartphone is working as a bot or not. In this, we guide the user about possible botnet attacks.
This document summarizes the design and detection of mobile botnet attacks. It begins by defining a mobile botnet and how they can gain access to mobile devices without anti-malware. It then discusses the history of mobile botnets and some of the challenges in designing effective SMS-based mobile botnets that can evade detection. The document proposes a SMS and WiFi based heterogeneous mobile botnet model using a centralized command and control server. It outlines the methodology for both designing the mobile botnet and detecting whether a smartphone is operating as a bot. Steps for designing and detecting the botnet are provided along with discussing the usefulness and concluding that more work is needed to track down botmasters and develop generalized guidelines.
Shmoocon 2010 - The Monkey Steals the Berries (Tyler Shields)
The document outlines the technical details of mobile spyware targeting Blackberry devices. It describes common spyware programs, how they are installed, their behaviors like logging calls, texts and location, and how they exfiltrate data. It also reviews the technical methods used, like accessing APIs to dump contacts and record audio. Blackberry security mechanisms like code signing and policies are discussed, but many default policies allow broad permissions.
C0c0n 2011 mobile security presentation v1.2 (Santosh Satam)
Mobile phone security has been a hot topic for debate in recent times. The top mobile manufacturers seem to claim that their mobiles and applications are secure, but recent news on mobile hacking and malware suggests otherwise.
One of the key challenges in mobile security is the diverse platforms and multitude of operating systems (both open and proprietary) in the market. This makes it almost impossible to devise a generic catch-all strategy for mobile application security. Every platform whether it is iOS, Android, Blackberry, Windows Mobile, Symbian etc. is unique and requires a specialized treatment.
In this talk, we will demystify mobile and related application security. We will understand the architectures of various mobile operating systems and the native security support provided by the manufacturers and operating system vendors. Then we will look at how hackers have come up with different techniques and tools to break mobile security, and what mobile companies are doing to mitigate these attacks.
Finally, we will look at secure practices for mobile deployment in the Enterprise using policy files and other technology solutions. We will also outline best practices for business users and road warriors on how to ensure your company data is protected while still continuing to enjoy the flexibility provided by mobile phones.
The document provides a summary of various cybersecurity news items. It discusses the Rombertik malware that uses obfuscation to avoid detection and destroys the master boot record if analyzed. It also mentions vulnerabilities in the Apple Safari browser and FBI reports that a security researcher admitted to briefly hacking a plane's systems in flight. Additional items summarized include the Venom virtualization vulnerability, a DDoS botnet leveraging insecure home routers, and a program called USBKill that instantly disables a computer if USB activity is detected to prevent secrets from being examined.
This document provides an overview of botnets, including:
- What botnets are, how they originated and some examples from history
- How botnets are controlled through command-and-control servers
- The main threats posed by botnets like DDoS attacks, spam, and data theft
- Methods for botnet detection including host-based intrusion detection systems
ISACA CACS 2012 - Mobile Device Security and Privacy
Michael Davis
This document discusses trends in social media and mobile security. It notes that mobility and use of personal devices for work is increasing rapidly, bringing new security challenges. Mobile devices face security risks at the network, hardware, operating system and application layers. The document outlines common types of malicious mobile applications and vulnerabilities they may exploit, including monitoring user activity and stealing private data. It emphasizes the importance of securing sensitive data through encryption and access controls on mobile devices and applications. The document recommends organizations form mobility councils to develop mobile security policies and consider mobile device management solutions to help address security risks from increased mobility.
Viruses on mobile platforms why we don't/don't we have viruses on android_
Jimmy Shah
This presentation will discuss the resources available to attackers to write Android viruses, including methods of infecting executables, gaining control from the original app and avoiding detection.
The document discusses the growing threat of mobile botnets and their potential to infect smartphones on a massive scale. It outlines how existing Android and Symbian botnets have infected over a million devices and describes how future mobile botnets could utilize SMS and other infection methods. The presentation warns that smartphones could become "mini ISPs" if security measures are not improved to prevent botnets from using the devices to broadcast malware. It concludes by emphasizing the need for manufacturers, researchers, and organizations to collaborate on addressing this emerging threat.
The document discusses the growing threat of mobile botnets and their potential to infect smartphones on a massive scale. It outlines how existing Android and Symbian botnets have infected over a million devices and describes how future mobile botnets could utilize SMS and hijacked phone functions like tethering to spread. The presentation warns that without security improvements to platforms, smartphones risk becoming "mini ISPs" that amplify botnet attacks. It advocates restricting phone functions and revealing only device IDs to prevent proliferation of these "pocket botnets".
Can You Steal From Me Now? Mobile and BYOD Security Risks
Michael Davis
Mobile devices and BYOD policies introduce significant security risks to organizations. The proliferation of mobile devices has led to new threats like activity monitoring, unauthorized payments, and exfiltration of sensitive data. Many mobile applications also put users' private data at risk through unsafe data practices and potential impersonation attacks. To help address these issues, user education is important, and organizations need strong mobile privacy and document access controls.
The document discusses security challenges posed by increased use of mobile and wireless devices, including risks of malware, hacking, and data theft. It covers types of mobile devices and attacks like viruses, smishing, and vishing. It also provides recommendations for securing mobile devices like using passwords, encryption, and anti-theft tracking software.
Mobile Security for Smartphones and Tablets
Vince Verbeke
Are security concerns for mobile devices, like smartphones and tablets, real? Or, are claims of exponential growth in malware simply FUD? We will explore the major mobile operating systems and security concerns with each. This session will provide tips that can be shared to help your users protect their personal info and data when viewed from a mobile device. Information on mobile security programs will be shared, as well, including a look at whether free or commercial offerings provide better protection.
NETC 2012_Mobile Security for Smartphones and Tablets (pptx)
Vince Verbeke
Are security concerns for mobile devices, like smartphones and tablets, real? Or, are claims of exponential growth in malware simply FUD? We will explore the major mobile operating systems and security concerns with each. This session will provide tips that can be shared to help your users protect their personal info and data when viewed from a mobile device. Information on mobile security programs will be shared, as well, including a look at whether free or commercial offerings provide better protection.
1. Trapdoors are secret entry points into a system that bypass normal security procedures, commonly used by developers in compilers. Logic bombs are malicious programs that are triggered when specified conditions are met, such as a particular date or user, and typically damage the system.
2. Trojan horses appear to have a normal function but have hidden malicious effects that violate security policies. Viruses are self-replicating code that alters normal programs to include infected versions and can have hidden payloads.
3. Worms propagate fully functioning copies of themselves across networks to infect other computers. Notable worms include Morris, Code Red, Nimda, Slammer, and Conficker which exploited software vulnerabilities to spread rapidly and
Null – An Open Security Community provides a summary of recent cybersecurity events. CCleaner was hacked, infecting 2.27 million users. Deloitte was hacked through an administrator's account, compromising client emails. Equifax disclosed a breach of 143 million users' personal data. Zerodium offered a bounty for hacking the Tor browser. Researchers discovered nRansomware that threatens to post victims' nude photos online unless paid. India plans its own cryptocurrency called Lakshmi Coin. Expensivewall Android malware infected millions. Blueborne exploits Bluetooth vulnerabilities across devices. Yahoo disclosed that all 3 billion user accounts were hacked in 2013.
Slides for a college course at City College San Francisco. Based on "Hacking Exposed Mobile: Security Secrets & Solutions", by Bergman, Stanfield, Rouse, Scambray, Geethakumar, Deshmukh, Matsumoto, Steven and Price, McGraw-Hill Osborne Media; 1 edition (July 9, 2013) ISBN-10: 0071817018.
Instructor: Sam Bowne
Class website: https://samsclass.info/128/128_S17.shtml
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...
Qazi Anwar
Hacking
History Of Hacking
Types of Hacking
The Most World’s famous Hackers
Types Of Hackers
Scope Of Ethical Hackers
Cyber Laws for Hacking and their Punishments in Pakistan
How to Prevent Hacking
2010: Mobile Security - WHYMCA Developer Conference
Fabio Pietrosanti
The document provides an overview of mobile security threats from Fabio Pietrosanti. It discusses key differences between mobile and IT security, including high user trust in operators, many hardware and software platforms, and challenges with patching vulnerabilities. It also covers mobile device security issues, various mobile security models (e.g. centralized app stores for iPhone vs. no signing for Android), and common attack vectors like SMS exploits, Bluetooth hacking, and link layer vulnerabilities in cellular protocols.
Brick all the internet of things! (with notes)
Jimmy Shah
Recently someone released a worm on the Internet that targeted IoT devices. In the past similar worms turned your Internet connected cameras and DVRs into nodes in a massive botnet. This time it used the same entry points into your devices to brick them. The better to prevent them from possibly being turned into weapons of mass denial of service.
We'll cover why that's a Bad Idea. And what are more constructive ways to get IoT/Internet-enabled embedded device manufacturers and vulnerability researchers to sit down at the same table.
There's no S(ecurity) in IoT: This is why we can't sleep
Jimmy Shah
IoT devices are embedded systems. Essentially "[a] computer small enough to fit in a pocket". One wouldn’t put a computer on the Internet without at least considering securing it, yet security for IoT devices is quite often an afterthought.
BYOD is now BYOT (Bring Your Own Threat) – Current Trends in Mobile APT
Jimmy Shah
Mobile devices are not simply PCs. While one knows to look for an Advanced Persistent Threat (APT) on their desktop endpoints, mobile tends to be ignored. Setting up an MDM solution is not enough. Installing AV on as many devices as possible is not enough. The holes in the net are still too wide; attackers have more options than just malicious apps for getting on your network.
Topics covered will be:
How attackers are moving to mobile in order to bypass traditional protection.
Apps are only one part of the problem. Documents, email, messaging are still left wide open
Bypassing Mobile Antivirus
Bypassing MDM, MAM and Containers
Attackers are turning from apps to exploits.
Finally we’ll cover what to do next – how to effectively deal with Mobile APT.
Solar Powered Parking Meters - An IoT thought experiment
Jimmy Shah
The Internet of Things is not as complex as one would think. Objects (e.g. power meters, fridge computers, etc.) or "Things" don't have their own Internet; instead they "speak" to each other over the same Internet we all use. Therein lies their vulnerability: assuming that since the machines will only talk to each other, no one will eavesdrop or intrude on their conversation. Security researchers have a saying, "Security through Obscurity is no Security".
The presentation shows how the Internet of Things' veil of obscurity can be pierced by showing how an attacker (or more likely a security researcher) would assess a particular Smart Parking Meter ecosystem. Only open source intelligence (OSINT) [e.g. patents, newspaper articles] was used to compile the information on:
* parking meters
* mesh networking
* machine2machine(m2m) SIMs
* management consoles
* RF usage
Mobile malware analysis with the a.r.e. vm
Jimmy Shah
This document describes tools included in the Android Reverse Engineering (A.R.E.) virtual machine from the Honeynet Project for analyzing Android malware. The A.R.E. VM includes tools for decompiling Android apps, disassembling Dalvik bytecode, inspecting app files and permissions, and monitoring apps dynamically in an instrumented Android virtual machine. It allows static and dynamic analysis of Android apps to identify malicious behavior and understand app functionality.
Mobile malware heuristics the path from 'eh' to 'pretty good'
Jimmy Shah
The 'Platypus' talk
Malware on mobile phones is rapidly increasing. There are many reasons for this, but the primary one is the ease of monetizing malware on mobile phones. Attackers are incentivized to create more malware faster and cheaper. They are overwhelming the limited resources of malware researchers with this glut of cheap and "good enough" malware. Malware can be identified by humans, but there is insufficient time to handle all that is released daily by malware writers. There is a need to develop both better heuristics and the tools that let an analyst separate the wheat from the chaff. The presentation will cover not just the development of heuristics for mobile malware, but also its path from simple detection to more advanced and more successful (i.e. fewer false positives) detection. Along the way we will cover the missteps and pitfalls that slow the development of automation.
Isn't it all just SMS-sending trojans?: Real Advances in Android Malware
Jimmy Shah
Attackers are starting to move on from simple attacks, mainly because users are starting to figure out that the free adult entertainment or chat app shouldn't be sending SMS messages to expensive numbers. They're leveraging techniques from PC malware like server-side polymorphism, vulnerability exploits, botnets and network updates, and preemptive/direct attacks against security software.
2. Smartphone Ownage: The State of Mobile Botnets and Rootkits
Contents
• Who we are
• Mobile malware
• Definitions
• Mobile Botnets
• Mobile Rootkits
4. Smartphone Ownage: The State of Mobile Botnets and Rootkits
Who we are
• Mobile Antivirus Researchers
• My team and I specialize in mobile malware and threat analysis on existing (J2ME, SymbOS, WM, iPhone OS, Android) and upcoming mobile platforms.
• We work with a number of large mobile network operators.
5. Smartphone Ownage: The State of Mobile Botnets and Rootkits
Mobile malware
In the Wild
Comparison to PC malware
Trends
6. Smartphone Ownage: The State of Mobile Botnets and Rootkits
In the Wild
SymbOS
J2ME
WinCE
Python
MSIL
VBS
Linux
740+ variants
7. Smartphone Ownage: The State of Mobile Botnets and Rootkits
Mobile malware
In the Wild
Comparison to PC malware
Trends
8. Smartphone Ownage: The State of Mobile Botnets and Rootkits
Comparison to PC malware
PCs Mobile Examples
Worms
● SymbOS/Commwarrior family
● MSIL/Xrove.A
● SymbOS/Cabir.A
Viruses
● WinCE/Duts.1536
● SymbOS/Lasco.A
Trojan Horses
● J2ME Trojans
● SymbOS Trojans
● WinCE Trojans
Spyware
● Commercial spyware – jailbroken/rooted devices
● txbbspy – Blackberry
● PhoneSpy – iPhone
9. Smartphone Ownage: The State of Mobile Botnets and Rootkits
Mobile malware
In the Wild
Comparison to PC malware
Trends
10. Smartphone Ownage: The State of Mobile Botnets and Rootkits
Trends – Mobile Malware Lifecycle
11. Smartphone Ownage: The State of Mobile Botnets and Rootkits
Definitions
Botnets
Rootkits
12. Smartphone Ownage: The State of Mobile Botnets and Rootkits
Botnets
• Network
– Clients - Infected machines, “bots”, “zombies”, “bot clients”, etc.
– Server(s) - Command & control, “bot master”, “herd master”, etc.
• Uses
– Stealing PII, confidential information, etc.
– Attacks (DDoS, Spam, phishing)
13. Smartphone Ownage: The State of Mobile Botnets and Rootkits
Definitions
Botnets
Rootkits
14. Smartphone Ownage: The State of Mobile Botnets and Rootkits
Rootkits
• Originally used on UNIX systems to assist in gaining/keeping root access
– Scripts and rigged binaries
• Essentially, rootkits do a few things
– Evasion
– Reduce or maintain reduced security
– Self-Protection
First one on the machine wins.
15. Smartphone Ownage: The State of Mobile Botnets and Rootkits
Mobile Rootkits
Examples in the wild
Precursors
Actual
16. Smartphone Ownage: The State of Mobile Botnets and Rootkits
SymbOS/Commwarrior
Variant | Feature | Type
A-B | Delete other malware | Self-protection
C | Copies itself to the memory card | Evasion/Self-protection
C | Self-repair, protection from being deleted | Self-protection
D | Encrypts internal strings | Evasion
D | Infects other programs' installation files | Evasion
D | Deletes Antivirus programs | Evasion/Self-protection
17. Smartphone Ownage: The State of Mobile Botnets and Rootkits
WinCE/Infojack.A
• Self-protection
– Installing as an autorun program on the memory card
– installing itself to the phone when an infected memory card is inserted
– protecting itself from deletion, copying itself back to disk
• Reduce security/bypass protection
– allows unsigned applications to install without warning
WinCE/InfoJack is installed with a collection of legitimate games
WinCE/InfoJack installs silently along with other applications
WinCE/InfoJack installs as an autorun program on the memory card
18. Smartphone Ownage: The State of Mobile Botnets and Rootkits
Mobile Rootkits
Examples in the wild
Precursors
Actual
19. Smartphone Ownage: The State of Mobile Botnets and Rootkits
Linux Mobile Phone Rootkits
• Rutgers University researchers Bickford et al. developed a set of mobile rootkits
• Perform attacks
– Dial attacker on alarm
– Dial attacker on SMS
– GPS coords. sent to attacker via SMS
– Battery drain attack
• Evasion/Self-protection
– Evade user-mode detection
• Port to N900 in the works
Openmoko Neo1973 (Photo Credit: Ryan Baumann)
20. Smartphone Ownage: The State of Mobile Botnets and Rootkits
Mobile Rootkits
Future Research
21. Smartphone Ownage: The State of Mobile Botnets and Rootkits
Android on iPhone/iPhone Linux
• Spinoff/side project from one of the iPhone dev team developers
• Security reduced
– Requires jailbroken phone
– Entirely different OS runs
• Self-protection
– Custom iboot designed to load Linux
22. Smartphone Ownage: The State of Mobile Botnets and Rootkits
Mobile Botnets
Examples in the wild
Precursors
Actual
23. Smartphone Ownage: The State of Mobile Botnets and Rootkits
OSX/iPHSponey.A
• Network Communication
– Exfiltrate data via email
• Not hardcoded or updated in PoC
• Data gathering (including PII)
– Acquire data from
• interesting apps (Safari, YouTube)
• keyboard cache
24. Smartphone Ownage: The State of Mobile Botnets and Rootkits
OSX/RRoll.C/OSX/iPHDownloader.A - “botnet”
• Reduce Security
– Enable phishing via hosts file entry
– Unlike previous variant does not disable sshd
– Alters password of user 'mobile' (not root)
• Data gathering
– Attempts to send SMS DB to attacker
• C & C
– /etc/hosts changing script downloaded
• Redirects Dutch bank site to attacker's server
• More of an intended botnet
– OSX/RRoll.C propagates OSX/iPHDownloader.A, but neither propagates on its own
– C & C server taken down
25. Smartphone Ownage: The State of Mobile Botnets and Rootkits
SymbOS/XMJTC - “sexy view” worm
• Self-protection/evasion
– Signed installation file
• No warning to user during installation
– Silent install of updates
• Kills processes of 3rd party task managers
• C&C via SMS messages
– Download and install update from supplied URL
– Writes a “serial number” to disk
– Ping the attacker's server/phone via SMS
• Perform attacks
– spamming links to malware via SMS
26. Smartphone Ownage: The State of Mobile Botnets and Rootkits
“Rise of the iBots: 0wning a telco network”
• Security researchers Collin Mulliner and Jean-Pierre Seifert developed a PoC iPhone botnet
– Research concentrated on evading detection
• C&C over SMS and P2P network
– Encrypted commands
• Tested in lab
– “Installed bot(s) on a number of iPhones in the lab.”
• No “spreading functionality”
– Experiments were testing the feasibility of the C&C channels
• Presented at the 5th International Conference on Malicious and Unwanted Software (MALWARE 2010)
27. Smartphone Ownage: The State of Mobile Botnets and Rootkits
“Rise of the iBots: 0wning a telco network”
Signature Length | ECDSA Signature | Sequence Number | Command Type | Command
1 | <variable> | 4 | 1 | <variable>
Command | Function
Add phone number(s) | Adds numbers to the forwarding list. Commands are forwarded to all bots on the list.
Set sleep interval | Sets how long the client waits before searching the P2P network for a command
Execute shell sequence | Run a command in the shell (e.g. ls, ping, etc.)
Download URL | Downloads a command file from the botmaster
28. Smartphone Ownage: The State of Mobile Botnets and Rootkits
Mobile Botnets
Examples in the wild
Precursors
Actual
29. Smartphone Ownage: The State of Mobile Botnets and Rootkits
WeatherFistBadMonkey – iPhone/Android botnet
• PoC created by Security Researchers
– Derek Brown and Daniel Tijerina (Tipping Point DV Labs)
• Evasion
– Performs nominal function – connects to legitimate weather site
• Bot capability
– Clients available for multiple platforms
– Jailbroken iPhone
– Stock Android
• C & C Server
– Spamming
– provide reverse shell
– perform DDoS
Screenshot Weather Underground site
30. Smartphone Ownage: The State of Mobile Botnets and Rootkits
Rootstrap & Eclipsetrap
• PoC created by Security Researcher Jon Oberheide of Scio Security
• Evasion
– Pretends to be “Twilight Eclipse Preview” app
• Updates/Commands
– Downloads new native binaries regularly
Despite being only nominally a movie preview app and receiving bad reviews, the PoC garnered over 200 downloads.
31. Smartphone Ownage: The State of Mobile Botnets and Rootkits
SymbOS/Zitmo.A
• Zeus trojan on the PC puts up a dialog asking for the victim's phone model and mobile number
– Uses number to send download link to victim
– Download is a signed installation file pretending to be a “Nokia update”
• Zitmo.A is spyware used to forward incoming SMS to the attacker
– Unlike other more common Symbian spyware, forwarded SMS are not logged to an account on a central server
32. Smartphone Ownage: The State of Mobile Botnets and Rootkits
SymbOS/Zitmo.A, cont.
Command | Function
set admin / SET ADMIN | Setting the C&C phone number (in memory or in the config file) [case-sensitive]
[ON/OFF] | Starting/Stopping the forwarding of SMS messages
BLOCK [ON|OFF] | Ignore SMS commands
SET SENDER <number> / ADD SENDER <number1>,…,<number n> / ADD SENDER ALL | Add sender's number to the forwarding list
REM SENDER <number1>,…,<number n> / REM SENDER ALL | Remove specific/all senders' numbers
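A detection-side example built from the command table above, added here and not code from the presentation: it matches SMS bodies (for instance from an SMS log or forensic export) against the listed command strings and raises severity once a SET ADMIN number has been seen. The phone-number pattern, the number argument after SET ADMIN, the severity labels and the sample messages are assumptions constructed for illustration.

```python
import re

# Phone number as it might appear in a command body (assumed shape:
# optional '+', then 6 to 15 digits).
NUM = r"\+?\d{6,15}"
NUM_LIST = rf"{NUM}(?:\s*,\s*{NUM})*"

# Command strings transcribed from the slide's table. Matching is
# case-sensitive, as the slide notes. The number argument after
# SET ADMIN is an assumption; the slide does not show its syntax.
RULES = [
    ("set_admin", re.compile(rf"(?:set admin|SET ADMIN)\s+({NUM})")),
    ("forwarding", re.compile(r"(ON|OFF)")),
    ("block", re.compile(r"BLOCK\s+(ON|OFF)")),
    ("set_sender", re.compile(rf"SET SENDER\s+({NUM})")),
    ("add_sender", re.compile(rf"ADD SENDER\s+(ALL|{NUM_LIST})")),
    ("rem_sender", re.compile(rf"REM SENDER\s+(ALL|{NUM_LIST})")),
]


def classify(body):
    """Return (command, argument) when the whole body is a listed command."""
    text = body.strip()
    for name, pattern in RULES:
        match = pattern.fullmatch(text)
        if match:
            return name, match.group(1)
    return None


def triage(messages):
    """Scan (sender, body) pairs in arrival order and return a list of
    (index, command, argument, severity) findings."""
    admin = None  # C&C number learned from a SET ADMIN message
    findings = []
    for index, (sender, body) in enumerate(messages):
        hit = classify(body)
        if hit is None:
            continue
        name, arg = hit
        if name == "set_admin":
            admin = arg
            severity = "high"
        elif sender == admin:
            severity = "high"  # command arrives from the recorded C&C number
        elif name == "forwarding":
            severity = "low"  # a bare ON/OFF also occurs in ordinary texting
        else:
            severity = "medium"
        findings.append((index, name, arg, severity))
    return findings


# Constructed sample log (not real traffic): (sender, body) in arrival order.
SAMPLE = [
    ("+15550100001", "Running late, be there at 6"),
    ("+15550100002", "SET ADMIN +15550100099"),
    ("+15550100099", "ADD SENDER +15550100777,+15550100778"),
    ("+15550100099", "ON"),
    ("+15550100003", "OFF"),
    ("+15550100004", "Set Admin +15550100099"),  # mixed case: not a command
    ("+15550100099", "REM SENDER ALL"),
]

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```
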
33. Smartphone Ownage: The State of Mobile Botnets and Rootkits
SymbOS/Zitmo.A, cont.
• Used for stealing mTAN/mTAC (Mobile Transaction Authorization Number/Code)
– mTAN/mTAC are not used by all banks
• Not written from scratch
– Cracked version of commercial spyware “SMS Monitor”
Installation of the commercial spyware
(images from dTarasov.ru documentation)
The original program required payment.
(images from dTarasov.ru documentation)