How Mobile Malware Bypasses Secure Containers

•

1 j'aime•1,919 vues

Lacoon Mobile Security

How does mobile malware bypass secure containers, wrappers and MDM?

Technologie Business

How Mobile Malware
Bypasses
Secure Containers

The Mobile Application
Sandbox Security Model

The Mobile Applicaton SandBox Security Model

The Mobile Applicaton SandBox Security Model

Storage

The Mobile Applicaton SandBox Security Model

Memory

The Mobile Applicaton SandBox Security Model

Device Functionalities
(GPS,Network, SMS)

The Mobile Applicaton SandBox Security Model

Storage
Memory
Device Functionalities
(GPS,Network, SMS)

Secure Containers

Storage
Memory
Device Functionalities
(GPS,Network, SMS)

Wrappers

Storage
Memory
Device Functionalities
(GPS,Network, SMS)

How Mobile Malware Breaks
Secure Containers

Attack Overview

] [ ] [

Storage
Memory
Device Functionalities
(GPS,Network, SMS)

Step 1: Infection of the Device/ Android

Step 1: Infecting the Device with Malware/ iOS

Step 2: Installing a Backdoor Android/“Rooting”

Administrative

] [ ] [

Every process can run as an administrative (root)
user if it is able to trigger a vulnerability in the
OS

Vulnerability
Each Android device had/ has a vulnerability

Exploit
Detection mechanisms don’t look at apps that
exploit the vulnerability

Step 2: Installing a Backdoor Android/iOS/ “Jailbreaking”

Community

] [ ] [

Jailbroken

xCon

Step 3: Bypassing Containerization

] [ ] [

Storage
Memory
Device Functionalities
(GPS,Network, SMS)

Mitigating the Threat
with Lacoon
Mobile Security

Behavioral-Based Malware Detection
Virtual
execution

Cloud-based virtual execution of applications and payloads
to detect exploits

Behavioral-Based Malware Detection
Virtual
execution

Cloud-based virtual execution of applications and payloads
to detect exploits

Identification

Identification of malicious behaviors within the applications
(such as keyloggers and screencaptures)

Contenu connexe

Similaire à How Mobile Malware Bypasses Secure Containers

(Pptx) yury chemerkin hacker_halted_2013

STO STRATEGY

(Pdf) yury chemerkin hackfest.ca_2013

STO STRATEGY

(Pdf) yury chemerkin hacktivity_2013

STO STRATEGY

6.3. How to get out of an inprivacy jail

defconmoscow

IPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions

Lacoon Mobile Security

As the industry’s first Secure Internet Gateway in the cloud, Cisco Umbrella provides the first line of defense against threats on the internet, protecting all your users within minutes. Cisco Advanced Malware Protection offers global threat intelligence, advanced sandboxing and real-time malware blocking to prevent breaches while it continuously analyzes file activity across your network, so that you can quickly detect, contain and remove advanced malware. Presentation of Cisco Security Architecture and Solutions such as Cisco Advanced Malware Protection (AMP) and Cisco Umbrella during Simplex-Cisco Technology Session that took place at the Londa Hotel in Limassol on 14 March 2018.

Cisco Security Presentation

Simplex

Droidcon mobile security

Judy Ngure

Nowadays, like the technology itself, hacking activities against mobile phone is growing very rapidly, both for mobile devices (operating system) or mobile applications, some applications providers even dedicate a penetration testing activity for applications that they created right before it gets released to the public, while others open a bug bounty programs, and sadly the rest just watch and do nothing. On the other side, malware developer arround the world also already move their main target and has been developing malware to take over the mobile devices which surely keep all our personal/private and our work, some of it even make us to pay for getting it back. This talks will be focusing more on the trend of mobile device security lately, mobile security penetration testing activity, also in practice, showing several types of common weaknesses/vulnerabiliies within the mobile applications and how the exploitation is done by the attacker, malware is created and planted, until it is successfully to take over the target mobile device.

Mobile hacking, pentest, and malware

Ammar WK

It kamus virus security glossary

Fathoni Mahardika II

Mobile security

Stefaan

Kevin Johnson, John Sawyer and Tom Eston have spent quite a bit of time evaluating mobile applications in their respective jobs. In this presentation they will provide the audience an understanding of how to evaluate mobile applications, examples of how things have been done wrong and an understanding of how you can perform this testing within your organization. This talk will work with applications from the top three main platforms; iOS, Android and Blackberry. Kevin, Tom and John have used a variety of the top 25 applications for each of these platforms to provide real world examples of the problems applications face.

Smart Bombs: Mobile Vulnerability and Exploitation

Tom Eston

Mobile devices are becoming increasingly better hardened. App stores are helping by vetting apps to weed out malicious behavior. Servers are protected by sophisticated security systems. In the end, the mobile apps themselves remain the most vulnerable elements in a modern application architecture. Once downloaded, they can be reverse engineered and even modified. They may contain or provide gateways to valuable assets, in-app purchases, hidden features or defects, and more, which organizations and developers need to protect. Luckily, protecting Android and iOS apps has also come a long way since the early days of name obfuscation. Have a specific question on Mobile App Protection?

Securing Mobile Apps, From the Inside Out

SBWebinars

When developers api simplify user mode rootkits development – part ii

STO STRATEGY

MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)

Lacoon Mobile Security

Amphion Forum 2013: What to Do About Attacks Against MDMs

Lacoon Mobile Security

(Pdf) yury chemerkin balccon_2013

STO STRATEGY

Virtual machines (VMs) are underlying technologies of IT solutions such as cloud computing. VMs provide ease of use through their on-demand characteristics and provide huge benefits in terms of lowering costs and improving scalability. VMs are also being used as malware detection systems, and with the rapidly expanding usage of mobile devices, besides of their usage as honeypots, VMs are coming to be used as emulators for detecting malware in apps. This is due to the limited resources, such as processing power, available in mobile devices. Currently, the security of applications for mobile devices is checked by running them in VM environments before they are released to the end user. We argue that such a process may cause or overlook serious security threats to the end user. In particular, if a piece of malware can detect its current running environment, it may change its behavior such that it doesn’t perform malicious operations in environments it suspects to be emulators. In this way, when the malware detects that its running environment is on a VM, it may be able to hide from the security system on the VM. This is a potential security hazard for end users, especially users of mobile devices. In this paper, we present a VM detection method that we argue could be used for remotely detecting VM environments. The detection method works by analyzing the pattern of IP timestamps in replies sent from the target environment. The method does not require any installation of software on the target machine which further increase its potential harm if it were to be used by malware to detect VM environments. In this paper, we also present a technique to disguise a real PC machine such that it shows the similar IP timestamp patterns as the VM. By using this technique, malware may not be able to differentiate between a real machine and a VM, thus providing protection to PC end users.

VIRTUAL MACHINES DETECTION METHODS USING IP TIMESTAMPS PATTERN CHARACTERISTIC

ijcsit

Environmental pollution nowadays is a major aspect to be considered. Pollution has to be avoided and there are several ways to control it. In this paper, we propose an innovative software application, via which a user can send an alert text message and location details to the garbage/waste management department in the campus and also post the same details on the dedicated web server. This information essentially helps the respective department to take care of garbage present in the campus.

Garbage Management using Android Smartphone

ijsrd.com

Les 10 risques liés aux applications mobiles

Bee_Ware

The Places of Our Lives: Visiting Patterns and Automatic Labeling from Longitudinal Smartphone Data ABSTRACT: The location tracking functionality of modern mobile devices provides unprecedented opportunity to the understanding of individual mobility in daily life. Instead of studying raw geographic coordinates, we are interested in understanding human mobility patterns based on sequences of place visits which encode, at a coarse resolution, most daily activities. This paper presents a study on place characterization in people’s everyday life based on data recorded continuously by smartphones. First, we study human mobility from sequences of place visits, including visiting patterns on different place categories. Second, we address the problem of automatic place labeling from smartphone data without using any geo-location information. Our study on a large-scale data collected from 114 smartphone users over 18 months confirm many intuitions, and also reveals findings regarding both regularly and novelty trends in visiting patterns. Considering the problem of place labeling with 10 place categories, we show that frequently visited places can be recognized reliably (over 80 percent) while it is much more challenging to recognize infrequent places.

Security threats to mobile multimedia applications camera based attacks on mo...

JPINFOTECH JAYAPRAKASH

Similaire à How Mobile Malware Bypasses Secure Containers (20)

(Pptx) yury chemerkin hacker_halted_2013

(Pdf) yury chemerkin hackfest.ca_2013

(Pdf) yury chemerkin hacktivity_2013

6.3. How to get out of an inprivacy jail

IPExpo 2013 - Anatomy of a Targeted Attack Against MDM Solutions

Cisco Security Presentation

Droidcon mobile security

Mobile hacking, pentest, and malware

It kamus virus security glossary

Mobile security

Smart Bombs: Mobile Vulnerability and Exploitation

Securing Mobile Apps, From the Inside Out

When developers api simplify user mode rootkits development – part ii

MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)

Amphion Forum 2013: What to Do About Attacks Against MDMs

(Pdf) yury chemerkin balccon_2013

VIRTUAL MACHINES DETECTION METHODS USING IP TIMESTAMPS PATTERN CHARACTERISTIC

Garbage Management using Android Smartphone

Les 10 risques liés aux applications mobiles

Security threats to mobile multimedia applications camera based attacks on mo...

Plus de Lacoon Mobile Security

Mobile Threats: Enterprises Under Attack

Lacoon Mobile Security

Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...

Lacoon Mobile Security

This Bleeding-In-The-Browser attack scenario is a highly common scenario that exploits an Android 4.1.1 mobile browser to steal credentials and session cookies using reverse Heartbleed. This presentation illustrates how easily an attacker can steal your Enterprise data with social engineering techniques as well as tips for protecting your Enterprise data from Bleeding-in-the-Browser / client-side Heartbleed.

"Bleeding-In-The-Browser" - Why reverse Heartbleed risk is dangerous to the E...

Lacoon Mobile Security

A profile is an extremely sensitive optional configuration file which allows to re-define different system functionality parameters such as mobile carrier settings, Mobile Device Management (MDM) settings and networking settings. Through social engineering techniques such as email phishing or a fake URL, an attacker can convince a user to install a malicious profile and compromise the device settings to silently route network traffic from the device to a remote proxy over SSL using a self-signed certificate. The impact: Once the attacker has re-routed all traffic from the mobile device to their own server, they can begin to install other malicious apps and decrypt SSL communications.

iOS Threats - Malicious Configuration Profiles, Threat, Detection & Mitigation

Lacoon Mobile Security

An Overview of mRATs

Lacoon Mobile Security

Spyphones are surveillance tools surreptitiously planted on a users handheld device. While malicious mobile applications mainly phone fraud applications distributed through common application channels - target the typical consumer, spyphones are nation states tool of attacks. Why? Once installed, the software stealthy gathers information such as text messages (SMS), geo-location information, emails and even surround-recordings. How are these mobile cyber-espionage attacks carried out? In this engaging session, we present a novel proof-of-concept attack technique which bypass traditional mobile malware detection measures- and even circumvent common Mobile Device Management (MDM) features, such as encryption. http://www.blackhat.com/us-13/briefings.html#Brodie

BlackHat USA 2013 - Practical Attacks against Mobile Device Management Solutions

Lacoon Mobile Security

In this engaging session, we demonstrate a live attack technique aimed at bypassing a popular MDM solution with an email encryption offering. Further, we show how the mobile surveillance software effectively renders the encryption feature useless. This demonstration includes a mobile spyware version which directly accesses the MDM’s memory storage, retrieves the plain-text emails and sends them on to a remote server. Finally, we present mitigation techniques to solve against this problem. Differentiate between mass consumer-oriented mobile attacks and targeted mobile cyber-attacks Recognise the shortcoming of MDM as a wholesome security solution Enhance mobile attack mitigation techniques through mobile activity visibility

Anatomy of a Targeted Attack against Mobile Device Management (MDM)

Lacoon Mobile Security

Spyphones are surveillance tools surreptitiously planted on a user’s handheld device. While malicious mobile applications, mainly phone fraud applications distributed through common application channels, target the typical consumer, spyphones are nation states tool of attacks. Why? Once installed, the software stealthy gathers information such as text messages (SMS), geo-location information, emails and even surround-recordings. How are these mobile cyber-espionage attacks carried out? In this engaging session, we present novel proof-of-concept attack techniques - both on Android and iOS devices - which bypass traditional mobile malware detection measures- and even circumvent common Mobile Device Management (MDM) features, such as encryption.

BlackHat Europe 2013 - Practical Attacks against Mobile Device Management (MDM)

Lacoon Mobile Security

Plus de Lacoon Mobile Security (8)

Mobile Threats: Enterprises Under Attack

Black Hat USA 2014 - A Practical Attack Against Virtual Desktop Infrastructur...

"Bleeding-In-The-Browser" - Why reverse Heartbleed risk is dangerous to the E...

iOS Threats - Malicious Configuration Profiles, Threat, Detection & Mitigation

An Overview of mRATs

BlackHat USA 2013 - Practical Attacks against Mobile Device Management Solutions

Anatomy of a Targeted Attack against Mobile Device Management (MDM)

BlackHat Europe 2013 - Practical Attacks against Mobile Device Management (MDM)

Dernier

Handwritten Text Recognition for manuscripts and early printed texts

Maria Levchenko

How to convert PDF to text with Nanonets

naman860154

What are drone anti-jamming systems? The drone anti-jamming systems and anti-spoof technology protect against interference, jamming, and spoofing of the UAVs. To protect their security, countries are beginning to research drone anti-jamming systems, also known as drone strike weapons. The anti-jam and anti-spoof technology protects against interference, jamming and spoofing. A drone strike weapon is a drone attack weapon that can attack and destroy enemy drones. So what is so unique about this amazing system?

What Are The Drone Anti-jamming Systems Technology?

Antenna Manufacturer Coco

In an era where artificial intelligence (AI) stands at the forefront of business innovation, Information Architecture (IA) is at the core of functionality. See “There’s No AI Without IA” – (from 2016 but even more relevant today) Understanding and leveraging how Information Architecture (IA) supports AI synergies between knowledge engineering and prompt engineering is critical for senior leaders looking to successfully deploy AI for internal and externally facing knowledge processes. This webinar be a high-level overview of the methodologies that can elevate AI-driven knowledge processes supporting both employees and customers. Core Insights Include: Strategic Knowledge Engineering: Delve into how structuring AI's knowledge base is required to prevent hallucinations, enable contextual retrieval of accurate information. This will include discussion of gold standard libraries of use cases support testing various LLMs and structures and configurations of knowledge base. Precision in Prompt Engineering: Learn the art of crafting prompts that direct AI to deliver targeted, relevant responses, thereby optimizing customer experiences and business outcomes. Unified Approach for Enhanced AI Performance: Explore the intersection of knowledge and prompt engineering to develop AI systems that are not only more responsive but also aligned with overarching business strategies. Guiding Principles for Implementation: Equip yourself with best practices, ethical guidelines, and strategic considerations for embedding these technologies into your business ecosystem effectively. This webinar is designed to empower business and technology leaders with the knowledge to harness the full potential of AI, ensuring their organizations not only keep pace with digital transformation but lead the charge. Join us to map a roadmap to fully leverage Information Architecture (IA) and AI chart a course towards a future where AI is a key pillar of strategic innovation and business success.

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx

Earley Information Science

The presentation explores the development and application of artificial intelligence (AI) from its inception to its current status in the modern world. The term "artificial intelligence" was first coined by John McCarthy in 1956 to describe efforts to develop computer programs capable of performing tasks that typically require human intelligence. This concept was first introduced at a conference held at Dartmouth College, where programs demonstrated capabilities such as playing chess, proving theorems, and interpreting texts. In the early stages, Alan Turing contributed to the field by defining intelligence as the ability of a being to respond to certain questions intelligently, proposing what is now known as the Turing Test to evaluate the presence of intelligent behavior in machines. As the decades progressed, AI evolved significantly. The 1980s focused on machine learning, teaching computers to learn from data, leading to the development of models that could improve their performance based on their experiences. The 1990s and 2000s saw further advances in algorithms and computational power, which allowed for more sophisticated data analysis techniques, including data mining. By the 2010s, the proliferation of big data and the refinement of deep learning techniques enabled AI to become mainstream. Notable milestones included the success of Google's AlphaGo and advancements in autonomous vehicles by companies like Tesla and Waymo. A major theme of the presentation is the application of generative AI, which has been used for tasks such as natural language text generation, translation, and question answering. Generative AI uses large datasets to train models that can then produce new, coherent pieces of text or other media. The presentation also discusses the ethical implications and the need for regulation in AI, highlighting issues such as privacy, bias, and the potential for misuse. These concerns have prompted calls for comprehensive regulations to ensure the safe and equitable use of AI technologies. Artificial intelligence has also played a significant role in healthcare, particularly highlighted during the COVID-19 pandemic, where it was used in drug discovery, vaccine development, and analyzing the spread of the virus. The capabilities of AI in healthcare are vast, ranging from medical diagnostics to personalized medicine, demonstrating the technology's potential to revolutionize fields beyond just technical or consumer applications. In conclusion, AI continues to be a rapidly evolving field with significant implications for various aspects of society. The development from theoretical concepts to real-world applications illustrates both the potential benefits and the challenges that come with integrating advanced technologies into everyday life. The ongoing discussion about AI ethics and regulation underscores the importance of managing these technologies responsibly to maximize their their benefits while minimizing potential harms.

Artificial Intelligence: Facts and Myths

Joaquim Jorge

A Domino Admins Adventures (Engage 2024)

Gabriella Davis

Discord is a free app offering voice, video, and text chat functionalities, primarily catering to the gaming community. It serves as a hub for users to create and join servers tailored to their interests. Discord’s ecosystem comprises servers, each functioning as a distinct online community with its own channels dedicated to specific topics or activities. Users can engage in text-based discussions, voice calls, or video chats within these channels. Understanding Discord Servers Discord servers are virtual spaces where users congregate to interact, share content, and build communities. Servers may revolve around gaming, hobbies, interests, or fandoms, providing a platform for like-minded individuals to connect. Communication Features Discord offers a range of communication tools, including text channels for messaging, voice channels for real-time audio conversations, and video channels for face-to-face interactions. These features facilitate seamless communication and collaboration. What Does NSFW Mean? The acronym NSFW stands for “Not Safe For Work,” indicating content that may be inappropriate for professional or public settings. NSFW Content NSFW content encompasses material that is sexually explicit, violent, or otherwise graphic in nature. It often includes nudity, profanity, or depictions of sensitive topics.

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

UK Journal

Axa Assurance Maroc - Insurer Innovation Award 2024

The Digital Insurer

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

This presentations targets students or working professionals. You may know Google for search, YouTube, Android, Chrome, and Gmail, but did you know Google has many developer tools, platforms & APIs? This comprehensive yet still high-level overview outlines the most impactful tools for where to run your code, store & analyze your data. It will also inspire you as to what's possible. This talk is 50 minutes in length.

Powerful Google developer tools for immediate impact! (2023-24 C)

wesley chun

BooK Now Call us at +918448380779 to hire a gorgeous and seductive call girl for sex. Take a Delhi Escort Service. The help of our escort agency is mostly meant for men who want sexual Indian Escorts In Delhi NCR. It should be noted that any impersonator will get 100 attention from our Young Girls Escorts in Delhi. They will assume the position of reliable allies. VIP Call Girl With Original Photos Book Tonight +918448380779 Our Cheap Price 1 Hour not available 2 Hours 5000 Full Night 8000 TAG: Call Girls in Delhi, Noida, Gurgaon, Ghaziabad, Connaught Place, Greater Kailash Delhi, Lajpat Nagar Delhi, Mayur Vihar Delhi, Chanakyapuri Delhi, New Friends Colony Delhi, Majnu Ka Tilla, Karol Bagh, Malviya Nagar, Saket, Khan Market, Noida Sector 18, Noida Sector 76, Noida Sector 51, Gurgaon Mg Road, Iffco Chowk Gurgaon, Rajiv Chowk Gurgaon All Delhi Ncr Free Home Deliver

08448380779 Call Girls In Friends Colony Women Seeking Men

Delhi Call girls

CNv6 Instructor Chapter 6 Quality of Service

giselly40

GenAI Risks & Security Meetup 01052024.pdf

lior mazor

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

How to Troubleshoot Apps for the Modern Connected Worker

ThousandEyes

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

In this session, we will delve into strategic approaches for optimizing knowledge management within Microsoft 365, amidst the evolving landscape of Copilot. From leveraging automatic metadata classification and permission governance with SharePoint Premium, to unlocking Viva Engage for the cultivation of knowledge and communities, you will gain actionable insights to bolster your organization's knowledge-sharing initiatives. In this session, we will also explore how to facilitate solutions to enable your employees to find answers and expertise within Microsoft 365. You will leave equipped with practical techniques and a deeper understanding of how there is more to effective knowledge management than just enabling Copilot, but building actual solutions to prepare the knowledge that Copilot and your employees can use.

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Drew Madelung

Evaluating the top large language models.pdf

ChristopherTHyatt

08448380779 Call Girls In Civil Lines Women Seeking Men

Delhi Call girls

Partners Life - Insurer Innovation Award 2024

The Digital Insurer

Dernier (20)

Handwritten Text Recognition for manuscripts and early printed texts

How to convert PDF to text with Nanonets

What Are The Drone Anti-jamming Systems Technology?

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx

Artificial Intelligence: Facts and Myths

A Domino Admins Adventures (Engage 2024)

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

Axa Assurance Maroc - Insurer Innovation Award 2024

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Powerful Google developer tools for immediate impact! (2023-24 C)

08448380779 Call Girls In Friends Colony Women Seeking Men

CNv6 Instructor Chapter 6 Quality of Service

GenAI Risks & Security Meetup 01052024.pdf

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

How to Troubleshoot Apps for the Modern Connected Worker

Strategies for Landing an Oracle DBA Job as a Fresher

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Evaluating the top large language models.pdf

08448380779 Call Girls In Civil Lines Women Seeking Men

Partners Life - Insurer Innovation Award 2024

How Mobile Malware Bypasses Secure Containers

1. How Mobile Malware Bypasses Secure Containers

2. The Mobile Application Sandbox Security Model

3. The Mobile Applicaton SandBox Security Model

4. The Mobile Applicaton SandBox Security Model Storage

5. The Mobile Applicaton SandBox Security Model Memory

6. The Mobile Applicaton SandBox Security Model Device Functionalities (GPS,Network, SMS)

7. The Mobile Applicaton SandBox Security Model Storage Memory Device Functionalities (GPS,Network, SMS)

8. The Mobile Applicaton SandBox Security Model Storage Memory Device Functionalities (GPS,Network, SMS)

9. Secure Containers and Wrappers

10. Secure Containers Storage Memory Device Functionalities (GPS,Network, SMS)

11. Secure Containers Storage Memory Device Functionalities (GPS,Network, SMS)

12. Wrappers Storage Memory Device Functionalities (GPS,Network, SMS)

13. How Mobile Malware Breaks Secure Containers

14. Attack Overview ] [ ] [ Storage Memory Device Functionalities (GPS,Network, SMS)

15. Attack Overview ] [ ] [ Storage Memory Device Functionalities (GPS,Network, SMS)

16. Attack Overview ] [ ] [ Storage Memory Device Functionalities (GPS,Network, SMS)

17. Attack Overview ] [ ] [ Storage Memory Device Functionalities (GPS,Network, SMS)

18. Step-by-Step

19. Step 1: Infection of the Device/ Android

20. Step 1: Infecting the Device with Malware/ iOS

21. Step 2: Installing a Backdoor Android/“Rooting” Administrative ] [ ] [ Every process can run as an administrative (root) user if it is able to trigger a vulnerability in the OS Vulnerability Each Android device had/ has a vulnerability Exploit Detection mechanisms don’t look at apps that exploit the vulnerability

22. Step 2: Installing a Backdoor Android/iOS/ “Jailbreaking” Community ] [ ] [ Jailbroken xCon

23. Step 3: Bypassing Containerization ] [ ] [ Storage Memory Device Functionalities (GPS,Network, SMS)

24. Step 3: Bypassing Containerization ] [ ] [ Storage Memory Device Functionalities (GPS,Network, SMS)

25. There’s More... Android

26. Alternative Keyboards

27. Alternative Keyboards HELLO WORLD

28. Alternative Keyboards HELLO WORLD

29. Mitigating the Threat with Lacoon Mobile Security

30. Behavioral-Based Malware Detection Virtual execution Cloud-based virtual execution of applications and payloads to detect exploits

31. Behavioral-Based Malware Detection Virtual execution Cloud-based virtual execution of applications and payloads to detect exploits Identification Identification of malicious behaviors within the applications (such as keyloggers and screencaptures)

32. Behavioral-Based Malware Detection Virtual execution Cloud-based virtual execution of applications and payloads to detect exploits Identification Identification of malicious behaviors within the applications (such as keyloggers and screencaptures) Detection Detection and blocking of C&C activity when mobile malware attempts to exfiltrate information from the device

33. Behavioral-Based Malware Detection Virtual execution Cloud-based virtual execution of applications and payloads to detect exploits Identification Identification of malicious behaviors within the applications (such as keyloggers and screencaptures) Detection Detection and blocking of C&C activity when mobile malware attempts to exfiltrate information from the device Blocking of driveby attacks Blocking of drive-by attacks, including exploits of unpatched Web browser vulnerabilities and Jailbreaking attempts

34. Thank You. Contact us: info@lacoon.com

How Mobile Malware Bypasses Secure Containers

Recommandé

Recommandé

Contenu connexe

Similaire à How Mobile Malware Bypasses Secure Containers

Similaire à How Mobile Malware Bypasses Secure Containers (20)

Plus de Lacoon Mobile Security

Plus de Lacoon Mobile Security (8)

Dernier

Dernier (20)

How Mobile Malware Bypasses Secure Containers