Hacking Mobiles Vol. 2.1 – MMA: Mobile Malicious Apps

March 16, 2015 (at 9:30 a.m.)

“Hacking Mobiles” is returning to TROOPERS, after a hunt for missing John in the past course, this year’s course is split into two practical parts concerned with malware on iOS & Android and the current state of Windows Phone 8 / 8.1. Yet again, both courses are stuffed with juicy information and loads of hands-on experience!

Malware has a tough life on modern mobile platforms. If trusting the OS vendors, one might expect mobile malware to be extinct in no time. But why? This course will give an insight in what basic malware is able to on modern iOS and Android devices and why it can’t properly survive even though it’s habitat is growing daily. It will also answer the question, what mobile malware actually is, because quite often it’s simply malicious apps!

To understand the life of malware, the course will start with an overview on it’s ecosystem, as in iOS’ and Android’s security mechanisms, what they do and how they influence apps. Afterwards some basic malware will be watched while it lives it life on a smartphone, both local storage and communications of the app will be analyzed and identified. This is followed by a few practical lessons on how to identify strange and stray applications on a smartphone.

The course will end with a discussion on the effectiveness of malware on mobile platforms. Above the actual content, the course will show basic penetration testing skills and app analysis methods.


Agenda:

Brian Butterly

Brian Butterly is a security researcher and pentester for the Mobile Security Team at ERNW. Coming from the field of electrical engineering he tends to seek alternate approaches when looking at new devices. He recently started a research project on the functionialty and security in LTE networks.