f from nothing to massive n thi t m i android under attack
play

F From Nothing to Massive N thi t M i Android under Attack Vi - PowerPoint PPT Presentation

Feb 16, 2023 •273 likes •495 views

F From Nothing to Massive N thi t M i Android under Attack Vi Vicente Diaz t Di Senior security analyst It It s Sept It It s Sept September September ember so ember, so so we so we we we ... ... Sep 22, 2011 The

  1. F From Nothing to Massive – N thi t M i Android under Attack Vi Vicente Diaz t Di Senior security analyst

  2. It It ´ s Sept It It s Sept September September ember so ember, so so we so we we we ... ... Sep 22, 2011 The Kaspersky Security Symposium, Munich

  3. Question Question 1 Question Question 1 How many of you have a mobile phone? How many of you have a mobile phone? Sep 22, 2011 The Kaspersky Security Symposium, Munich

  4. Question Question 2 Question Question 2 Do you think you have Do you think you have something valuable g in your mobile phone? Sep 22, 2011 The Kaspersky Security Symposium, Munich

  5. Question Question 2 ( Question Question 2 ( 2 (again 2 (again again) again) …Actually, probably more things than you think Actually probably more things than you think You probably don´t want everybody to see this Sep 22, 2011 The Kaspersky Security Symposium, Munich

  6. Question Question 3 Question Question 3 Are there viruses for smartphones? Are there viruses for smartphones? Sep 22, 2011 The Kaspersky Security Symposium, Munich

  7. User A User A User Awareness User Awareness areness Very Low areness … Ve Very Low ow! ow! How do you estimate the malware infection risk when surfing the web from different devices? T ABLET PC (N= 132) 5.1 pts 5.1 pts S MARTPHONE S MARTPHONE PC / N OTEBOOK PC / N OTEBOOK (N= 1618) (N= 1518) 4.7 4.7 pts pts 6.0 6.0 pts pts N O R I SK OF N O R I SK OF E XTREMELY H I GH E XTREMELY H I GH M ALWARE R I SK OF M ALWARE 1 2 2 3 3 4 4 5 5 6 6 7 7 8 8 9 9 I NFECTI ON I NFECTI ON  Source: Smartphone Users Study for Kaspersky Lab Sep 22, 2011 The Kaspersky Security Symposium, Munich

  8. My My My Mobile W My Mobile W Mobile Was Mobile Was s Com s Com ompr ompr promised promised omised So omised, So So What So What hat? hat? Sep 22, 2011 The Kaspersky Security Symposium, Munich

  9. Mobile Malw Mobile Malware Mobile Malw Mobile Malware are Hist are Hist istory istory 2006 ‐ 2008 2008 ‐ Now 2004 ‐ 2006 2000 ‐ 2004 Evolution Evolution Monetization Monetization Th b The beginning i i Proof of (Symbian) (J2ME) (All platforms) concepts Sep 22, 2011 The Kaspersky Security Symposium, Munich

  10. Mobile Malw Mobile Malware Mobile Malw Mobile Malware are Evolution are Evolution lution lution 65% growth of threats in 2010 over 2009 Number of Modifications 2000 1800 1600 1400 1200 1000 800 600 400 200 0 jun.04 apr.05 jun.05 aug.05 oct.05 dec.05 feb.06 apr.06 jun.06 aug.06 oct.06 dec.06 feb.07 apr.07 jun.07 aug.07 oct.07 dec.07 feb.08 apr.08 jun.08 aug.08 oct.08 dec.08 feb.09 apr.09 jun.09 aug.09 oct.09 dec.09 feb.10 apr.10 jun.10 aug.10 oct.10 dec.10 feb.11 apr.11 Source: Kaspersky Lab Source: Kaspersky Lab Sep 22, 2011 The Kaspersky Security Symposium, Munich

  11. Malw Malw Malware f Malware f are for Smar are for Smar r Smartphones r Smartphones tphones 20 tphones, 20 2011 2011 1% 1% 6% 23% Android Symbian Windows Mobile iOS Blackberry 69% Source: Kaspersky Lab Sep 22, 2011 The Kaspersky Security Symposium, Munich

  12. Exam Example 1: Example 1: Exam ple 1: SMS F ple 1: SMS F SMS Fraud SMS Fraud aud aud Trojan dials international premium- rate numbers every month t b th Sep 22, 2011 The Kaspersky Security Symposium, Munich

  13. Exam Example 2: Exam Example 2: ple 2: Rick ple 2: Rick Rick in Y Rick in Y in Your iPhone in Your iPhone ur iPhone ur iPhone • Jailbroken Iphones first worm • Nice, we all LOVE Rick Astley, don´t we? • However … Mobile World Congress Sep 22, 2011 The Kaspersky Security Symposium, Munich ‘Mobile Malware Threatscape in 2011’

  14. Exam Example 3: Exam Example 3: ple 3: Andr ple 3: Andr Android Mar Android Mar oid Market 20 oid Market 20 2011 2011 Sep 22, 2011 The Kaspersky Security Symposium, Munich

  15. Main R Main Reason? Main R Main Reason? ason? ason? Sep 22, 2011 The Kaspersky Security Symposium, Munich

  16. But W But Wait But W But Wait it There’s it, There’s There’s More There’s More ore ore Sep 22, 2011 The Kaspersky Security Symposium, Munich

  17. Social Engineering Social Engineering Attacks Social Engineering Social Engineering Attacks ttacks ttacks • Dear Mr. Foo (attacker knows who you are) • I´m calling you from your YourBank local office in Chelsea (attacker knows where you office in Chelsea (attacker knows where you live and your bank). • In order to prevent fraud we need to check • In order to prevent fraud we need to check some details, first I need to ensure you are the holder of the credit card with number the holder of the credit card with number xxx ‐ xxx ‐ xxx ‐ xxx (attacker knows your credit card) card). • Can you please tell me the number that appears on the back of your card? … th b k f d? Sep 22, 2011 The Kaspersky Security Symposium, Munich

  18. Targe Targe rgeted A rgeted A ed Attacks ed Attacks ttacks ttacks Sep 22, 2011 The Kaspersky Security Symposium, Munich

  19. Summar Summary Summar Summary • Malware is targeting the most popular platforms g g p p p • Profit ‐ driven • Authors unpunished p • Social engineering + lack of user awareness • Devices easily accessed/stolen e ces eas y accessed/sto e • How long does it take to jailbreak an iPhone? • More and more valuable data on them • Contacts • Agenda • Geo ‐ location Sep 22, 2011 The Kaspersky Security Symposium, Munich

  20. Recommendations Recommendations commendations commendations • Lock your screen L k • Use security software • Back up your data k d • Use encryption • Beware of what you install • Do not jailbreak/root your device • Do not connect to untrusted Wi ‐ Fi access points • Do not skip updates AND • Do not assume your mobile is safer than your PC Sep 22, 2011 The Kaspersky Security Symposium, Munich

  21. [Vi [Vicente Diaz] t Di ] [vicente.diaz@kaspersky.com] [ 34 681244756] [+34 681244756] [@trompi]

Recommend

Using Android to attack ProGuard (and saving 2 e for a ticket) BeeRumP 29 mai 2019 Android

Using Android to attack ProGuard (and saving 2 e for a ticket) BeeRumP 29 mai 2019 Android

Using Android to attack ProGuard (and saving 2 e for a ticket) BeeRumP 29 mai 2019 Android Open Source Project Reversing the obfuscation Conclusion Who am I? @laughing_bit (C|Python|Twitter|Beamer|Mirabelle) Lover. Author of the

717 views • 27 slides
Security & Pie Android 9.0 & APK Security Plan of Attack Start at the hardware

Security & Pie Android 9.0 & APK Security Plan of Attack Start at the hardware

Security & Pie Android 9.0 & APK Security Plan of Attack Start at the hardware Work up to Android OS Climb into the Play Store Discuss Application (APK) Connor Tumbleson Senior Software Engineer @Sourcetoad

672 views • 56 slides
Developers Google Maps Android API v2 Make your Android app pop with Google Maps Android API v2

Developers Google Maps Android API v2 Make your Android app pop with Google Maps Android API v2

Developers Google Maps Android API v2 Make your Android app pop with Google Maps Android API v2 Anthony Morris Jan-Felix Schmakeit Tech Lead, Android Maps API Android Developer Relations Code, Slides, Worksheet: http://goo.gl/MfY67 Welcome!

687 views • 49 slides
Introduction to Android Development What is Android? Android is the customizable, easy to

Introduction to Android Development What is Android? Android is the customizable, easy to

Introduction to Android Development What is Android? Android is the customizable, easy to use operating system that powers more than a billion devices across the globe - from phones and tablets to watches, TV, cars and more to come.

464 views • 21 slides
evil maid on droids or why you should never loose your android smartphone @f0rki 2012-12-06

evil maid on droids or why you should never loose your android smartphone @f0rki 2012-12-06

evil maid on droids or why you should never loose your android smartphone @f0rki 2012-12-06 Agenda evil maids detour: the android boot process attack scenarios unrooted phones adb access rooted phones protecting yourself 2 / 51 Agenda

1.31k views • 85 slides
CS619 Android 101 BENCE CSERNA Android: Manifest example Android: Manifest <manifest

CS619 Android 101 BENCE CSERNA Android: Manifest example Android: Manifest <manifest

Project #1: Color Guess Game CS619 Android 101 BENCE CSERNA Android: Manifest example Android: Manifest <manifest xmlns:android="http://schemas.android.com/apk/res/android" package="net.cserna.bence.colorguess

201 views • 3 slides
What other Android APIs may be useful for ubicomp? Speaking to Android Ref: Professional Android 4

What other Android APIs may be useful for ubicomp? Speaking to Android Ref: Professional Android 4

What other Android APIs may be useful for ubicomp? Speaking to Android Ref: Professional Android 4 Development, Meier, Ch 11, pg 437 Speech recognition: Accept inputs as speech (instead of typing) e.g. dragon dictate app? Note: Google

333 views • 16 slides
Android AsyncTask AsyncTask Android AsyncTask is an abstract class provided by Android

Android AsyncTask AsyncTask Android AsyncTask is an abstract class provided by Android

Android AsyncTask AsyncTask Android AsyncTask is an abstract class provided by Android which gives us the liberty to perform heavy tasks in the background and keep the UI thread light thus making the application more responsive. Basic

240 views • 5 slides
Android Android Application Development - Ashwin Agenda Android Platform Overview

Android Android Application Development - Ashwin Agenda Android Platform Overview

Android Android Application Development - Ashwin Agenda Android Platform Overview Installation Building Blocks Application Development Development Tools Source walk through Introduction to Android Open software

978 views • 49 slides
CS378 - Mobile Computing Android Overview and Android Development Environment What is Android?

CS378 - Mobile Computing Android Overview and Android Development Environment What is Android?

CS378 - Mobile Computing Android Overview and Android Development Environment What is Android? A software stack for mobile devices that includes An operating system Middleware Key Applications Uses Linux to provide core

583 views • 31 slides
CS371m - Mobile Computing Android Overview and Android Development Environment What is Android?

CS371m - Mobile Computing Android Overview and Android Development Environment What is Android?

CS371m - Mobile Computing Android Overview and Android Development Environment What is Android? A software stack for mobile devices that includes An operating system Middleware Key Applications Uses Linux to provide core

1.49k views • 70 slides
Android Malware Analysis on Attacks and Defense Android malware Android malware With the

Android Malware Analysis on Attacks and Defense Android malware Android malware With the

Android Malware Analysis on Attacks and Defense Android malware Android malware With the explosive growth of mobile device market and usage, there is an increasing number of malicious mobile applications targeting these devices and

819 views • 44 slides
CS 528 Mobile and Ubiquitous Computing Lecture 3: Android UI, WebView, Android Activity Lifecycle

CS 528 Mobile and Ubiquitous Computing Lecture 3: Android UI, WebView, Android Activity Lifecycle

CS 528 Mobile and Ubiquitous Computing Lecture 3: Android UI, WebView, Android Activity Lifecycle Emmanuel Agu Android UI Design Example GeoQuiz App Reference: Android Nerd Ranch, pgs 1 32 App presents questions to test users knowledge

1k views • 96 slides
Attack on Traffic Systems These attack examples have happened in the past. We will take an

Attack on Traffic Systems These attack examples have happened in the past. We will take an

From start to finish how a cyber attack would be performed on traffic system, we will go over first day >> exploitation of the device >> the real-world aftermath. Mission Secure, Inc. Attack on Traffic Systems These attack examples

556 views • 18 slides
Services Android Services A Service is an application component that runs in the background, not

Services Android Services A Service is an application component that runs in the background, not

Lesson 22 Lesson 22 Android Android Services Victor Matos Cleveland State University Cleveland State University Notes are based on: Android Developers http://developer.android.com/index.html Portions of this page are reproduced from work

692 views • 26 slides
Android Pre-requisites 1 Android To Dos Make sure you have working

Android Pre-requisites 1 Android To Dos Make sure you have working

Android Pre-requisites 1 Android To Dos Make sure you have working install of Android Studio Make sure it works by running Hello, world App On emulator

666 views • 24 slides
Android Michael Greifeneder Image source: Android homepage Inhalt Overwiew Hardware

Android Michael Greifeneder Image source: Android homepage Inhalt Overwiew Hardware

Android Michael Greifeneder Image source: Android homepage Inhalt Overwiew Hardware Software Development Tools Basics Debugging/Emulator Location Demo Android And Me Why I like Android Blend of Linux

1.01k views • 25 slides
CS 403X Mobile and Ubiquitous Computing Lecture 2: Introduction to Android Emmanuel Agu What is

CS 403X Mobile and Ubiquitous Computing Lecture 2: Introduction to Android Emmanuel Agu What is

CS 403X Mobile and Ubiquitous Computing Lecture 2: Introduction to Android Emmanuel Agu What is Android? Android is worlds leading mobile operating system Google: Owns Android, maintains it, extends it Distributes Android OS,

589 views • 35 slides
CS 528 Mobile and Ubiquitous Computing Lecture 2: Android Introduction and Setup Emmanuel Agu

CS 528 Mobile and Ubiquitous Computing Lecture 2: Android Introduction and Setup Emmanuel Agu

CS 528 Mobile and Ubiquitous Computing Lecture 2: Android Introduction and Setup Emmanuel Agu What is Android? Android is worlds leading mobile operating system Google: Owns Android, maintains it, extends it Distributes Android

388 views • 38 slides
CS 528 Mobile and Ubiquitous Computing Lecture 1b: Introduction to Android Emmanuel Agu What is

CS 528 Mobile and Ubiquitous Computing Lecture 1b: Introduction to Android Emmanuel Agu What is

CS 528 Mobile and Ubiquitous Computing Lecture 1b: Introduction to Android Emmanuel Agu What is Android? Android is worlds leading mobile operating system Open source (https://source.android.com/setup/) Google: Owns Android,

652 views • 43 slides
ANDROID PROGRAMMING - INTRODUCTION Roberto Beraldi Web resources (android) Code

ANDROID PROGRAMMING - INTRODUCTION Roberto Beraldi Web resources (android) Code

ANDROID PROGRAMMING - INTRODUCTION Roberto Beraldi Web resources (android) Code https://developer.android.com/guide/index.html http://www.vogella.com/tutorials/android.html

1.49k views • 60 slides
The FIFA Universe Massive scale, massive influence, massive corruption First, Some History.

The FIFA Universe Massive scale, massive influence, massive corruption First, Some History.

The FIFA Universe Massive scale, massive influence, massive corruption First, Some History. Football Association (FA) Formed 1863, governs association football in England Prior to this, football was just a school yard sport Rule

579 views • 35 slides
CS 403X Mobile and Ubiquitous Computing Lecture 2: Android UI Design, First Android Program

CS 403X Mobile and Ubiquitous Computing Lecture 2: Android UI Design, First Android Program

CS 403X Mobile and Ubiquitous Computing Lecture 2: Android UI Design, First Android Program Emmanuel Agu Android UI Design in XML Recall: Files Hello World Android Project XML file used to design Android UI 3 Files: Activity_main.xml: XML

1.18k views • 92 slides
HELLO WORLD ON ANDROID Create a new Android Project Open File->New->Android

HELLO WORLD ON ANDROID Create a new Android Project Open File->New->Android

HELLO WORLD ON ANDROID Create a new Android Project Open File->New->Android project Application name Company domain Project location Hello World Project Target Android Devices Hello World Project Add an

213 views • 18 slides

More recommend