21. Step 2: Installing a Backdoor: Android “Rooting”
Administrative: any process can run as the administrative (root) user if it is able to trigger a vulnerability in the OS.
Vulnerability: each Android device had, or still has, such a vulnerability.
Exploit: detection mechanisms don’t look at apps that exploit the vulnerability.
22. Step 2: Installing a Backdoor: Android/iOS “Jailbreaking”
Community
Jailbroken
xCon
32. Behavioral-Based Malware Detection
Virtual execution: cloud-based virtual execution of applications and payloads to detect exploits.
Identification: identification of malicious behaviors within the applications (such as keyloggers and screen captures).
Detection: detection and blocking of C&C activity when mobile malware attempts to exfiltrate information from the device.
Blocking of drive-by attacks: blocking of drive-by attacks, including exploits of unpatched Web browser vulnerabilities and jailbreaking attempts.
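The behavioral analysis these slides describe (sandbox execution, identification of keylogger and screen-capture behavior, detection of C&C exfiltration, and spotting of root/jailbreak attempts) as an added example that is not code from the deck or from any product. The event schema, the hook names in the constructed trace (chosen to resemble Android runtime calls) and the thresholds are all assumptions; a real sandbox would feed its own event log into rules of this shape.

```python
"""Toy behavioral analyzer over a constructed mobile-sandbox event trace.

Added example for the behavioral-based detection slides; not code from
the deck. The event schema, the hook names in the trace and the
thresholds are assumptions, not a real product's format.
"""
from collections import defaultdict
from dataclasses import dataclass
from statistics import mean, pstdev


@dataclass(frozen=True)
class Finding:
    category: str   # keylogger, screen_capture, privilege_escalation, c2_exfiltration
    detail: str
    block: bool     # True when the verdict should block rather than only flag


# Constructed trace (assumption): what a cloud sandbox might log for one app run.
# Timestamps are seconds since launch; hosts use documentation/example ranges.
SAMPLE_TRACE = [
    {"t": 0.0,   "kind": "permission", "name": "BIND_ACCESSIBILITY_SERVICE"},
    {"t": 0.5,   "kind": "api", "name": "AccessibilityEvent.getText", "count": 412},
    {"t": 1.0,   "kind": "api", "name": "MediaProjection.createVirtualDisplay", "count": 1},
    {"t": 2.0,   "kind": "exec", "cmd": "/system/bin/su"},
    {"t": 10.0,  "kind": "net", "host": "203.0.113.7", "out_bytes": 18400, "in_bytes": 120},
    {"t": 70.0,  "kind": "net", "host": "203.0.113.7", "out_bytes": 17900, "in_bytes": 130},
    {"t": 130.0, "kind": "net", "host": "203.0.113.7", "out_bytes": 18800, "in_bytes": 110},
    {"t": 131.0, "kind": "net", "host": "cdn.example.net", "out_bytes": 300, "in_bytes": 48000},
]

TEXT_READ_THRESHOLD = 100   # accessibility text reads per run before we call it a keylogger
MIN_BEACONS = 3             # connections to one host needed before judging periodicity
JITTER_RATIO = 0.15         # stdev/mean of inter-connection gaps still counted as "regular"
ROOT_BINARIES = ("/system/bin/su", "/system/xbin/su", "su")  # assumed exec paths of interest


def detect_keylogger(trace):
    """Accessibility service plus heavy text reads: the classic keylogger pattern."""
    has_a11y = any(e["kind"] == "permission" and e["name"] == "BIND_ACCESSIBILITY_SERVICE"
                   for e in trace)
    reads = sum(e.get("count", 0) for e in trace
                if e["kind"] == "api" and e["name"] == "AccessibilityEvent.getText")
    if has_a11y and reads > TEXT_READ_THRESHOLD:
        return [Finding("keylogger", f"accessibility service read text {reads} times", False)]
    return []


def detect_screen_capture(trace):
    """Any use of the screen-projection API is recorded as a screen-capture behavior."""
    return [Finding("screen_capture", e["name"], False)
            for e in trace if e["kind"] == "api" and e["name"].startswith("MediaProjection.")]


def detect_privilege_escalation(trace):
    """Spawning a root helper inside the sandbox is treated as a rooting attempt."""
    return [Finding("privilege_escalation", f"executed {e['cmd']}", True)
            for e in trace if e["kind"] == "exec" and e["cmd"] in ROOT_BINARIES]


def detect_c2_exfiltration(trace):
    """Regularly spaced, upload-heavy connections to one host look like C&C beaconing."""
    by_host = defaultdict(list)
    for e in trace:
        if e["kind"] == "net":
            by_host[e["host"]].append(e)
    findings = []
    for host, conns in by_host.items():
        if len(conns) < MIN_BEACONS:
            continue                                  # too few samples to judge periodicity
        conns.sort(key=lambda e: e["t"])
        gaps = [b["t"] - a["t"] for a, b in zip(conns, conns[1:])]
        regular = pstdev(gaps) <= JITTER_RATIO * mean(gaps)
        uploads = sum(1 for e in conns if e["out_bytes"] > e["in_bytes"])
        if regular and uploads * 2 > len(conns):      # majority of connections push data out
            findings.append(Finding("c2_exfiltration",
                                    f"{host}: {len(conns)} beacons every ~{mean(gaps):.0f}s, upload-heavy",
                                    True))
    return findings


def analyze(trace):
    """Run every behavioral rule over the trace and collect the findings."""
    findings = []
    for rule in (detect_keylogger, detect_screen_capture,
                 detect_privilege_escalation, detect_c2_exfiltration):
        findings.extend(rule(trace))
    return findings


def verdict(findings):
    """block if any finding demands it, flag if anything was seen, else allow."""
    if any(f.block for f in findings):
        return "block"
    return "flag" if findings else "allow"


if __name__ == "__main__":
    results = analyze(SAMPLE_TRACE)
    for f in results:
        print(f"[{f.category}] {f.detail} (block={f.block})")
    print("verdict:", verdict(results))
```

The split between `block` and `flag` mirrors the slides: keylogging and screen capture are identified and reported, while exfiltration to a C&C host and rooting attempts are the cases that get blocked outright. The single connection to `cdn.example.net` is deliberately ignored, since one download-heavy request carries no beaconing signal.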