
Mobile Malware

Mobile Malware. Reporter: Nguyễn Ngọc Thịnh. Content. Malware Security Measures Incentives Root Exploits. Malware. The purpose of malware is stealing data, damaging the device or annoying the user


Presentation Transcript


  1. Mobile Malware Reporter: Nguyễn Ngọc Thịnh

  2. Content • Malware • Security Measures • Incentives • Root Exploits

  3. Malware • The purpose of malware is stealing data, damaging the device or annoying the user • Tricks the user into installing the malware or gains unauthorized remote access by exploiting a vulnerability • Includes trojans, worms, botnets and viruses

  4. Security Measures • App Stores: • iOS: Apple App Store • Android: Android Market • Symbian: Ovi • Provide reviewed applications • Permissions: requiring user consent for • Installing applications • Sensitive information • Dangerous capabilities

  5. Incentives • Novelty and Amusement • Selling User Information • Stealing User Credentials • Premium-Rate SMS • SMS Spam • Search Engine Optimization • Ransom

  6. Incentives (1/7) • Novelty and Amusement: • To amuse the author • Motivated by humor, bragging rights or purposeless destruction (e.g. changing the wallpaper) • Will decrease in number and become profit-driven • Defense: review apps

  7. Incentives (2/7) • Selling User Information: • User's location, browser and download history, installed applications: Advertising and marketing companies • IMEI (the unique device identifier): Black market phone vendors • Contacts list: Scammers, spammers or phishers • Defense: provide an alternate, globally-unique device ID, review apps

  8. Incentives (3/7) • Stealing User Credentials • Intercepting SMS messages to capture bank account credentials • Searching documents from other apps (e.g. browsers, password managers, text files) • Launching phishing attacks • Bypassing two-factor authentication • Defense: • Strengthening application isolation mechanisms • Phishing is a difficult and unsolved problem

  9. Phishing

  10. Phishing

  11. Incentives (4/7) • Premium-Rate SMS • Premium-rate numbers: tech support, directory enquiries, weather forecasts, voting (in television shows), download and information • Premium-rate SMS messages cost several dollars per message • Defense: requiring user confirmation for premium-rate SMS messages. Phones can identify premium-rate numbers using the prefix or length of the number

  12. Incentives (5/7) • SMS Spam • For commercial advertising and spreading phishing links • Sending spam through a compromised machine reduces the risk to the spammer • Defense: • Requiring user confirmation • Use the built-in SMS messenger instead of the SEND_SMS permission

  13. Incentives (6/7) • Search Engine Optimization • Sends search requests to the search engine, then “clicks” on the search result • To improve a web site's ranking in search engine results • Defense: add a header that identifies the app that sends the request

  14. Incentives (7/7) • Ransom • Steals the user's private information (e.g. browser history) and publishes it on the Internet • Locks the phone screen and demands money to unlock it • Defense: review apps

  15. Incentives

  16. Incentives Figure: A timeline of when the 46 pieces of malware were detected by malware researchers

  17. Root Exploits • Also known as “jailbreaks” • Used by malware authors and smartphone owners • To attain privileged control or “root access”

  18. Root Exploits - Incentives • Malware authors want to circumvent security mechanisms • Smartphone owners want to customize their phones and gain more control over them because of these restrictions: • Can only install applications that are distributed through the official app store (e.g. iOS) • Cannot perform complete system backups • Cannot install custom versions of the OS that contain additional features (e.g. one custom version of Android provides OpenVPN support)

  19. Root Exploits Availability

  20. Root Exploits Availability • Mainly developed by the homebrew community • To gain control of their devices and to maintain the increased functionality • Available for at least 74% of the device's lifetime • It may be more effective for malware authors to use root exploits instead of tricking users into accepting dangerous permissions

  21. Root Exploits - Discussion • Locked phone models align the incentives of attackers and smartphone users • Vulnerabilities introduced by customized OS • Require physical access to the phone to unlock bootloader

  22. THANK YOU FOR LISTENING
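
The user-confirmation defense from slides 11 and 12, sketched as an added example that is not part of the original presentation: an outbound SMS gate that asks for confirmation when the destination looks premium-rate by prefix or length, or when one app sends in bulk. The prefix table, short-code length, thresholds and the names `is_premium_rate` and `SmsGate` are assumptions made for illustration.

```python
import re
from collections import deque

# Assumed policy for a North American handset (illustrative, not carrier data):
# 1-900 numbers are premium-rate, and SMS short codes are 5-6 digits long.
PREMIUM_PREFIXES = ("1900", "900")
SHORT_CODE_MAX_LEN = 6


def is_premium_rate(number):
    """Classify a destination by prefix or length, as slide 11 suggests."""
    digits = re.sub(r"\D", "", number)  # drop '+', spaces, dashes, brackets
    if not digits:
        return True  # unparseable destination: fail closed and ask the user
    if len(digits) <= SHORT_CODE_MAX_LEN:
        return True  # short code; not always premium, so confirming is the safe side
    return digits.startswith(PREMIUM_PREFIXES)


class SmsGate:
    """Decides whether an app-initiated SMS may go out without asking the user."""

    def __init__(self, max_per_window=5, window_s=60):
        self.max_per_window = max_per_window
        self.window_s = window_s
        self.sent = {}  # app id -> timestamps of recently allowed sends

    def check(self, app, number, now):
        if is_premium_rate(number):
            return "confirm: premium-rate destination"
        times = self.sent.setdefault(app, deque())
        while times and now - times[0] >= self.window_s:
            times.popleft()  # forget sends that left the sliding window
        if len(times) >= self.max_per_window:
            return "confirm: bulk sending"
        times.append(now)
        return "allow"


def demo():
    """Run the gate over constructed sends: (app, destination, seconds)."""
    gate = SmsGate(max_per_window=3, window_s=60)
    sends = [("game", "+1 (900) 555-0123", 0), ("game", "54321", 1)]
    sends += [("chat", "+1 415 555 0100", t) for t in (2, 3, 4, 5, 70)]
    return [gate.check(app, number, now) for app, number, now in sends]


if __name__ == "__main__":
    for decision in demo():
        print(decision)
```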
