Suche senden
Hochladen
GovCert.NL - The Monkey Steals The Berries
•
0 gefällt mir
•
1,378 views
Tyler Shields
Folgen
Technologie
Melden
Teilen
Melden
Teilen
1 von 42
Empfohlen
iSec Forum NYC - Smartphone Backdoors an Analysis of Mobile Spyware
iSec Forum NYC - Smartphone Backdoors an Analysis of Mobile Spyware
Tyler Shields
Raleigh ISSA 2010 - The Monkey Steals the Berries
Raleigh ISSA 2010 - The Monkey Steals the Berries
Tyler Shields
BRUCon 2010 - The Monkey Steals the Berries
BRUCon 2010 - The Monkey Steals the Berries
Tyler Shields
Software Developers Forum 2010 - The Monkey Steals the Berries
Software Developers Forum 2010 - The Monkey Steals the Berries
Tyler Shields
IT Hot Topics 2010 - The Coming Wave of Smartphone Attacks
IT Hot Topics 2010 - The Coming Wave of Smartphone Attacks
Tyler Shields
The Coming Wave of Smartphone Attacks - Texas DIR
The Coming Wave of Smartphone Attacks - Texas DIR
Tyler Shields
Source Boston 2010 - The Monkey Steals the Berries Part Deux
Source Boston 2010 - The Monkey Steals the Berries Part Deux
Tyler Shields
Neli Vacheva - IDC
Neli Vacheva - IDC
Ivo_Dreshkov
Empfohlen
iSec Forum NYC - Smartphone Backdoors an Analysis of Mobile Spyware
iSec Forum NYC - Smartphone Backdoors an Analysis of Mobile Spyware
Tyler Shields
Raleigh ISSA 2010 - The Monkey Steals the Berries
Raleigh ISSA 2010 - The Monkey Steals the Berries
Tyler Shields
BRUCon 2010 - The Monkey Steals the Berries
BRUCon 2010 - The Monkey Steals the Berries
Tyler Shields
Software Developers Forum 2010 - The Monkey Steals the Berries
Software Developers Forum 2010 - The Monkey Steals the Berries
Tyler Shields
IT Hot Topics 2010 - The Coming Wave of Smartphone Attacks
IT Hot Topics 2010 - The Coming Wave of Smartphone Attacks
Tyler Shields
The Coming Wave of Smartphone Attacks - Texas DIR
The Coming Wave of Smartphone Attacks - Texas DIR
Tyler Shields
Source Boston 2010 - The Monkey Steals the Berries Part Deux
Source Boston 2010 - The Monkey Steals the Berries Part Deux
Tyler Shields
Neli Vacheva - IDC
Neli Vacheva - IDC
Ivo_Dreshkov
Facebook: an investment for the future
Facebook: an investment for the future
Ideas4Tomorrow
Мониторинг рынка плоского стекла
Мониторинг рынка плоского стекла
Agency of Industrial Marketing
A DECISION SUPPORT SYSTEM TO DETERMINE THE SPORT SPONSORSHIP RESPONSE
A DECISION SUPPORT SYSTEM TO DETERMINE THE SPORT SPONSORSHIP RESPONSE
Mine ISIK
Mobile Services in Japan
Mobile Services in Japan
MobileMonday Norway
Snapshot on the French Oncology Market March 2010
Snapshot on the French Oncology Market March 2010
thomasmartinelli94
Mobile Marketing Slide Deck
Mobile Marketing Slide Deck
Kevin McGee, MBA
Deutsche EuroShop | Company Presentation | 11/11
Deutsche EuroShop | Company Presentation | 11/11
Deutsche EuroShop AG
When supply met_demand
When supply met_demand
Victor Barros
The Insider Track to Mobile Marketing
The Insider Track to Mobile Marketing
InMobi
Milioone Presentatioon
Milioone Presentatioon
Claudio Ferraris
Mobclix Sfmobile
Mobclix Sfmobile
Vishal Gurbuxani
AdMob 2010 mart istatistikleri
AdMob 2010 mart istatistikleri
Erol Dizdar
Ad mob 2010 mart istatistikleri-
Ad mob 2010 mart istatistikleri-
Erol Dizdar
AdMob Mobile Metrics Report - March 2010
AdMob Mobile Metrics Report - March 2010
AdMob Inc
Ad mob mobile-metrics-mar-10
Ad mob mobile-metrics-mar-10
Erol Dizdar
Android and its apps market overview
Android and its apps market overview
01Booster
Somo - Investing in a Mobile Strategy (UK specific)
Somo - Investing in a Mobile Strategy (UK specific)
Ross Sleight
Advertising metrics for mobile
Advertising metrics for mobile
Mitya Voskresensky
Ad Mob Mobile Metrics Feb 10
Ad Mob Mobile Metrics Feb 10
bianchiassociates
AdMob Mobile Metrics Report - February 2010
AdMob Mobile Metrics Report - February 2010
AdMob Inc
The rules of mobile advertising
The rules of mobile advertising
Seungyul Kim
The Chronicles of a Mobile-Web Economy
The Chronicles of a Mobile-Web Economy
Bernard Leong
Weitere ähnliche Inhalte
Was ist angesagt?
Facebook: an investment for the future
Facebook: an investment for the future
Ideas4Tomorrow
Мониторинг рынка плоского стекла
Мониторинг рынка плоского стекла
Agency of Industrial Marketing
A DECISION SUPPORT SYSTEM TO DETERMINE THE SPORT SPONSORSHIP RESPONSE
A DECISION SUPPORT SYSTEM TO DETERMINE THE SPORT SPONSORSHIP RESPONSE
Mine ISIK
Mobile Services in Japan
Mobile Services in Japan
MobileMonday Norway
Snapshot on the French Oncology Market March 2010
Snapshot on the French Oncology Market March 2010
thomasmartinelli94
Mobile Marketing Slide Deck
Mobile Marketing Slide Deck
Kevin McGee, MBA
Deutsche EuroShop | Company Presentation | 11/11
Deutsche EuroShop | Company Presentation | 11/11
Deutsche EuroShop AG
When supply met_demand
When supply met_demand
Victor Barros
The Insider Track to Mobile Marketing
The Insider Track to Mobile Marketing
InMobi
Milioone Presentatioon
Milioone Presentatioon
Claudio Ferraris
Was ist angesagt?
(10)
Facebook: an investment for the future
Facebook: an investment for the future
Мониторинг рынка плоского стекла
Мониторинг рынка плоского стекла
A DECISION SUPPORT SYSTEM TO DETERMINE THE SPORT SPONSORSHIP RESPONSE
A DECISION SUPPORT SYSTEM TO DETERMINE THE SPORT SPONSORSHIP RESPONSE
Mobile Services in Japan
Mobile Services in Japan
Snapshot on the French Oncology Market March 2010
Snapshot on the French Oncology Market March 2010
Mobile Marketing Slide Deck
Mobile Marketing Slide Deck
Deutsche EuroShop | Company Presentation | 11/11
Deutsche EuroShop | Company Presentation | 11/11
When supply met_demand
When supply met_demand
The Insider Track to Mobile Marketing
The Insider Track to Mobile Marketing
Milioone Presentatioon
Milioone Presentatioon
Ähnlich wie GovCert.NL - The Monkey Steals The Berries
Mobclix Sfmobile
Mobclix Sfmobile
Vishal Gurbuxani
AdMob 2010 mart istatistikleri
AdMob 2010 mart istatistikleri
Erol Dizdar
Ad mob 2010 mart istatistikleri-
Ad mob 2010 mart istatistikleri-
Erol Dizdar
AdMob Mobile Metrics Report - March 2010
AdMob Mobile Metrics Report - March 2010
AdMob Inc
Ad mob mobile-metrics-mar-10
Ad mob mobile-metrics-mar-10
Erol Dizdar
Android and its apps market overview
Android and its apps market overview
01Booster
Somo - Investing in a Mobile Strategy (UK specific)
Somo - Investing in a Mobile Strategy (UK specific)
Ross Sleight
Advertising metrics for mobile
Advertising metrics for mobile
Mitya Voskresensky
Ad Mob Mobile Metrics Feb 10
Ad Mob Mobile Metrics Feb 10
bianchiassociates
AdMob Mobile Metrics Report - February 2010
AdMob Mobile Metrics Report - February 2010
AdMob Inc
The rules of mobile advertising
The rules of mobile advertising
Seungyul Kim
The Chronicles of a Mobile-Web Economy
The Chronicles of a Mobile-Web Economy
Bernard Leong
Quantacast Mobile Web trends report 2009
Quantacast Mobile Web trends report 2009
guestd94b193
5 mobile trends (2009)
5 mobile trends (2009)
MobileMonday Switzerland
Enterprise Mobility Computerworld Mar 2012
Enterprise Mobility Computerworld Mar 2012
Exicon
Hk enterprise mobility computerworld mar 2012
Hk enterprise mobility computerworld mar 2012
Stefan Rust - Exicon Leading digital portfolio management
中国アプリ市場とその周辺
中国アプリ市場とその周辺
良太郎 小原
Overcoming challenges of implementing mobile audience measurement studies in ...
Overcoming challenges of implementing mobile audience measurement studies in ...
Merlien Institute
Internet world mobile marketing 270410
Internet world mobile marketing 270410
Jason Cross
Nick Lane, mobileSQUARED, UK mobile update
Nick Lane, mobileSQUARED, UK mobile update
mobilesquared Ltd
Ähnlich wie GovCert.NL - The Monkey Steals The Berries
(20)
Mobclix Sfmobile
Mobclix Sfmobile
AdMob 2010 mart istatistikleri
AdMob 2010 mart istatistikleri
Ad mob 2010 mart istatistikleri-
Ad mob 2010 mart istatistikleri-
AdMob Mobile Metrics Report - March 2010
AdMob Mobile Metrics Report - March 2010
Ad mob mobile-metrics-mar-10
Ad mob mobile-metrics-mar-10
Android and its apps market overview
Android and its apps market overview
Somo - Investing in a Mobile Strategy (UK specific)
Somo - Investing in a Mobile Strategy (UK specific)
Advertising metrics for mobile
Advertising metrics for mobile
Ad Mob Mobile Metrics Feb 10
Ad Mob Mobile Metrics Feb 10
AdMob Mobile Metrics Report - February 2010
AdMob Mobile Metrics Report - February 2010
The rules of mobile advertising
The rules of mobile advertising
The Chronicles of a Mobile-Web Economy
The Chronicles of a Mobile-Web Economy
Quantacast Mobile Web trends report 2009
Quantacast Mobile Web trends report 2009
5 mobile trends (2009)
5 mobile trends (2009)
Enterprise Mobility Computerworld Mar 2012
Enterprise Mobility Computerworld Mar 2012
Hk enterprise mobility computerworld mar 2012
Hk enterprise mobility computerworld mar 2012
中国アプリ市場とその周辺
中国アプリ市場とその周辺
Overcoming challenges of implementing mobile audience measurement studies in ...
Overcoming challenges of implementing mobile audience measurement studies in ...
Internet world mobile marketing 270410
Internet world mobile marketing 270410
Nick Lane, mobileSQUARED, UK mobile update
Nick Lane, mobileSQUARED, UK mobile update
Mehr von Tyler Shields
The New Mobile Landscape - OWASP Ireland
The New Mobile Landscape - OWASP Ireland
Tyler Shields
Defending Behind the Mobile Device
Defending Behind the Mobile Device
Tyler Shields
Avoiding the Pandora Pitfall
Avoiding the Pandora Pitfall
Tyler Shields
Social and Mobile and Cloud - OH MY!
Social and Mobile and Cloud - OH MY!
Tyler Shields
Social Media Basics: Security Loopholes with Twitter & Other Social Media
Social Media Basics: Security Loopholes with Twitter & Other Social Media
Tyler Shields
United Security Summit 2011 - Using the Mobile Top 10 as a Guide to Assessing...
United Security Summit 2011 - Using the Mobile Top 10 as a Guide to Assessing...
Tyler Shields
Shmoocon 2010 - The Monkey Steals the Berries
Shmoocon 2010 - The Monkey Steals the Berries
Tyler Shields
Survey of Rootkit Technologies and Their Impact on Digital Forensics
Survey of Rootkit Technologies and Their Impact on Digital Forensics
Tyler Shields
Source Boston 2009 - Anti-Debugging A Developers Viewpoint
Source Boston 2009 - Anti-Debugging A Developers Viewpoint
Tyler Shields
Static Detection of Application Backdoors
Static Detection of Application Backdoors
Tyler Shields
Blackhat Europe 2009 - Detecting Certified Pre Owned Software
Blackhat Europe 2009 - Detecting Certified Pre Owned Software
Tyler Shields
Anti-Debugging - A Developers View
Anti-Debugging - A Developers View
Tyler Shields
Praetorian Veracode Webinar - Mobile Privacy
Praetorian Veracode Webinar - Mobile Privacy
Tyler Shields
Owasp Ireland - The State of Software Security
Owasp Ireland - The State of Software Security
Tyler Shields
More Apps More Problems
More Apps More Problems
Tyler Shields
Dirty Little Secret - Mobile Applications Invading Your Privacy
Dirty Little Secret - Mobile Applications Invading Your Privacy
Tyler Shields
IT Hot Topics - Mobile Security Threats at Every Layer
IT Hot Topics - Mobile Security Threats at Every Layer
Tyler Shields
IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?
Tyler Shields
Triangle InfoSecCon - Detecting Certified Pre-Owned Software and Devices
Triangle InfoSecCon - Detecting Certified Pre-Owned Software and Devices
Tyler Shields
Intelligence on the Intractable Problem of Software Security
Intelligence on the Intractable Problem of Software Security
Tyler Shields
Mehr von Tyler Shields
(20)
The New Mobile Landscape - OWASP Ireland
The New Mobile Landscape - OWASP Ireland
Defending Behind the Mobile Device
Defending Behind the Mobile Device
Avoiding the Pandora Pitfall
Avoiding the Pandora Pitfall
Social and Mobile and Cloud - OH MY!
Social and Mobile and Cloud - OH MY!
Social Media Basics: Security Loopholes with Twitter & Other Social Media
Social Media Basics: Security Loopholes with Twitter & Other Social Media
United Security Summit 2011 - Using the Mobile Top 10 as a Guide to Assessing...
United Security Summit 2011 - Using the Mobile Top 10 as a Guide to Assessing...
Shmoocon 2010 - The Monkey Steals the Berries
Shmoocon 2010 - The Monkey Steals the Berries
Survey of Rootkit Technologies and Their Impact on Digital Forensics
Survey of Rootkit Technologies and Their Impact on Digital Forensics
Source Boston 2009 - Anti-Debugging A Developers Viewpoint
Source Boston 2009 - Anti-Debugging A Developers Viewpoint
Static Detection of Application Backdoors
Static Detection of Application Backdoors
Blackhat Europe 2009 - Detecting Certified Pre Owned Software
Blackhat Europe 2009 - Detecting Certified Pre Owned Software
Anti-Debugging - A Developers View
Anti-Debugging - A Developers View
Praetorian Veracode Webinar - Mobile Privacy
Praetorian Veracode Webinar - Mobile Privacy
Owasp Ireland - The State of Software Security
Owasp Ireland - The State of Software Security
More Apps More Problems
More Apps More Problems
Dirty Little Secret - Mobile Applications Invading Your Privacy
Dirty Little Secret - Mobile Applications Invading Your Privacy
IT Hot Topics - Mobile Security Threats at Every Layer
IT Hot Topics - Mobile Security Threats at Every Layer
IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?
Triangle InfoSecCon - Detecting Certified Pre-Owned Software and Devices
Triangle InfoSecCon - Detecting Certified Pre-Owned Software and Devices
Intelligence on the Intractable Problem of Software Security
Intelligence on the Intractable Problem of Software Security
Kürzlich hochgeladen
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
ThousandEyes
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
Softradix Technologies
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
HostedbyConfluent
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Malak Abu Hammad
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
Gabriella Davis
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
XfilesPro
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Katpro Technologies
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
hans926745
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
shyamraj55
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
naman860154
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
AndikSusilo4
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
Scott Keck-Warren
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Rafal Los
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
Pixlogix Infotech
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
Mark Billinghurst
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
LBM Solutions
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
Kürzlich hochgeladen
(20)
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
GovCert.NL - The Monkey Steals The Berries
1.
The Monkey Steals
the Berries Mobile Malware – The State of Mobile Security
2.
Presenter Background © 2010
Veracode, Inc. 2
3.
Agenda Background Attacker
Motivation Case Studies Mobile Security Mechanisms Potential Effects and Behaviors Detecting Malicious Mobile Applications Demonstration Conclusion © 2010 Veracode, Inc. 3
4.
Background © 2010 Veracode,
Inc. 4
5.
Malicious Mobile Applications
Modifications to legit programs Developer created Intentional Inadvertent Any programming language Any operating system © 2010 Veracode, Inc. 5
6.
Attacker Motivation © 2010
Veracode, Inc. 6
7.
Attacker Motivation Practical
method of compromise Retrieve or manipulate valuable private data Cost effective and reliable © 2010 Veracode, Inc. 7
8.
Units Sold By
Operating System 90,000.00 80,879 80,000.00 72,934 70,000.00 60,000.00 Units Sold 50,000.00 40,000.00 34,347 2008 Units 2009 Units 30,000.00 24,890 23,149 20,000.00 16,498 11,418 10,622 10,000.00 15,028 6,798 1,193 4,027 8,127 641 0 1,112 0.00 Symbian Research In iPhone OS Microsoft Linux Android WebOS Other OSs Motion Windows Mobile Data Source: DISTMO Appstore Analytics Operating System www.appstore.info © 2010 Veracode, Inc. 8
9.
Units Sold Market
Growth 8% 6% 6% Percentage Growth in Market Share 4% 3% 3% 2% 0% 0% Symbian Research In iPhone OS Microsoft Linux Android WebOS Other OSs 0% Motion Windows Mobile -2% -2% -3% -3% -4% -6% -6% Operating System Data Source: DISTMO Appstore Analytics www.appstore.info © 2010 Veracode, Inc. 9
10.
Application Counts
160,000 150,998 140,000 120,000 Number Of Applications In Store Last Counted Jan/Feb 2010 100,000 80,000 60,000 40,000 19,897 20,000 6118 5291 1452 944 0 iPhone App Store Android Nokia Ovi Store Blackberry App Palm App Catalog Windows Marketplace (Maemo) World Marketplace Data Source: DISTMO Appstore Analytics Marketplace Name www.appstore.info © 2010 Veracode, Inc. 10
11.
iPhone Applications Sold
3.00 Applications Sold (In Billions) 2.50 2.00 1.50 1.00 0.50 0.00 Data Source: Gartner, Inc., a research and advisory firm © 2010 Veracode, Inc. 11
12.
Back To The
Future © 2010 Veracode, Inc. 12
13.
Back To The
Future © 2010 Veracode, Inc. 13
14.
Case Studies © 2010
Veracode, Inc. 14
15.
FlexiSpy http://www.flexispy.com $149
- $350 PER YEAR depending on features © 2010 Veracode, Inc. 15
16.
FlexiSpy Web Site
Quotes “Download FlexiSPY spyphone software directly onto a mobile phone and receive copies of SMS, Call Logs, Emails, Locations and listen to conversations within minutes of purchase. “ “Catch cheating wives or cheating husbands, stop employee espionage, protect children, make automatic backups, bug meetings rooms etc.” “F Secure seem to think that its ok for them to interfere with legitimate, legal and accountable software. Who appointed them judge, jury and executioner anyway, and why wont they answer our emails, so we have to ask who is the real malware? Here is how to remove FSecure malware from your device. Please don't believe the fsecure fear mongers who simply wish you to buy their products.” © 2010 Veracode, Inc. 16
17.
Mobile Spy http://www.mobile-spy.com
$49.97 PER QUARTER or $99.97 PER YEAR © 2010 Veracode, Inc. 17
18.
Mobile Spy Web
Site Quotes “This high-tech spy software will allow you to see exactly what they do while you are away. Are your kids texting while driving or using the phone in all hours of the night? Are your employees sending company secrets? Do they erase their phone logs?” “Our software is not for use on a phone you do not own or have proper permission to monitor from the user or owner. You must always follow all applicable laws and regulations in your region.” “Purchased by more than 30,000 customers in over 150 countries” © 2010 Veracode, Inc. 18
19.
eBlaster Mobile http://www.spectorsoft.com
$49.95 a year © 2010 Veracode, Inc. 19
20.
Etisalat (SS8) UAE
cellular carrier Distribution: SMS link to patch Command & Control: BB PIN Hidden on device Data stolen: Email, SMS © 2010 Veracode, Inc. 20
21.
Storm8 Phone Number
Farming iPhone video game maker Built into game Distribution: iTunes Command & Control: None Hidden within application Data stolen: Phone Number © 2010 Veracode, Inc. 21
22.
Symbian Sexy Space
No real facade Botnet for Symbian phone Distribution: Malicious web sites Worm: SPAM contacts Data stolen: Phone number, network information Signed by Symbian as safe! – Anti-virus scan – Some manual assessment © 2010 Veracode, Inc. 22
23.
09Droid – Banking
Applications Attack 09Droid developer Web frontends to 50+ banks Distribution: Android Marketplace Data stolen: Unknown – likely none Multiple bank fraud warnings released © 2010 Veracode, Inc. 23
24.
3D Anti-Terrorist /
PDA Poker Art / Codec Pack WM1.0 Original author: Huike Repackaged in Russia Built into game Distribution: WM shareware web sites Command & Control: None Data stolen: Money! © 2010 Veracode, Inc. 24
25.
Mobile Security Mechanisms ©
2010 Veracode, Inc. 25
26.
Does It Really
Matter?! Only 23% of smartphone owners use the security software installed on the devices. (Source: Trend Micro Inc. survey of 1,016 U.S. smartphone users, June 2009) 13% of organizations currently protect from mobile viruses (Mobile Security 2009 Survey by Goode Intelligence) © 2010 Veracode, Inc. 26
27.
Common Mobile Security
Mechanisms Corporate level security policies Application level security policies Mobile anti-virus Application marketplace screening Code Signing © 2010 Veracode, Inc. 27
28.
V5.0.0.328 Trusted 3rd
Party Application Permissions Bluetooth Phone USB Connections Location Data Connections Connections Server Network Internet IPC Device Settings Application Media Themes Input Simulation Management Security Timer Display Information Browser Filtering Recording Reset While Locked Email Data Organizer Data Files Security Data © 2010 Veracode, Inc. 28
29.
V5.0.0.328 Untrusted 3rd
Party Application Permissions Bluetooth Phone USB Connections Location Data Connections Connections Server Network Internet IPC Device Settings Application Media Themes Input Simulation Management Security Timer Display Information Browser Filtering Recording Reset While Locked Email Data Organizer Data Files Security Data © 2010 Veracode, Inc. 29
30.
Potential Effects and
Behaviors © 2010 Veracode, Inc. 30
31.
Installation Methods
Application Marketplace Over The Air (OTA) •iTunes •Android •Web Sites Marketplace •Carrier •Blackberry Pushed App World Enterprise Distribution PC Loader •User Desktop •Mass Push Distribution •With/Without •Corporate Assitance Targets •Virus © 2010 Veracode, Inc. 31
32.
Technical Methods Data
Dumpers Listeners Exfiltration Methods Command and Control © 2010 Veracode, Inc. 32
33.
Logging and Dumping
Monitor connected / disconnected calls Monitor PIM added / removed / updated Monitor inbound SMS Monitor outbound SMS Real Time track GPS coordinates Dump all contacts Dump current location Dump phone logs Dump email Dump microphone capture (security prompted) © 2010 Veracode, Inc. 33
34.
Exfiltration and C&C
Methods SMS (No CDMA) SMS Datagrams (Supports CDMA) Email HTTP GET HTTP POST TCP Socket UDP Socket DNS Exfiltration Default command and control to inbound SMS TXSPROTO Bidirectional TCP based command and control © 2010 Veracode, Inc. 34
35.
Detecting Malicious Mobile
Code © 2010 Veracode, Inc. 35
36.
Detecting Malicious Mobile
Code Signature Based Detection – Broken Resource Usage Whitelisting – Semi-broken Sandbox Based Execution Heuristics – Semi-broken Static Decompilation and Analysis – Hard to do, but WORKS! © 2010 Veracode, Inc. 36
37.
Mobile Malicious Code
Detection © 2010 Veracode, Inc. 37
38.
Defense in Depth
Do all of the above! Implement and enforce strong IT policies Implement and enforce additional application policies as required Implement a best of breed anti-virus solution – If only for thoroughness of deployed options Utilize static decompilation and analysis of applications considered for deployment © 2010 Veracode, Inc. 38
39.
Demonstration © 2010 Veracode,
Inc. 39
40.
Conclusion We are
currently trusting the vendor application store provider for the majority of our mobile device security Minimal methods of real time eradication or detection of spyware type activities exists When the do exist they are not configured correctly (or at all) No easy/automated way to confirm for ourselves what the applications are actually doing Automate the decompilation and static analysis of applications that are required for the ongoing functioning of your business © 2010 Veracode, Inc. 40
41.
The Monkey Steals
the Berries! Questions? © 2010 Veracode, Inc. 41
42.
Questions?