iBanking - a botnet on Android

•

3 j'aime•2,593 vues

Stephen Doherty, Symantec - iBanking is a relative newcomer to the mobile malware scene whose use was first identified in August of 2013. The Trojan targets Android devices and can be remotely controlled over SMS and HTTP. iBanking began life as a simple SMS stealer and call redirector, but has undergone significant development since then. iBanking is available for purchase on a private underground forum for between $4k - $5k, with the next release expected to include a 0-day exploit for the Android operating system. This presentation will discuss iBanking - it's capabilities and the reasons for targeting mobile devices.

Technologie

iBanking – a Botnet on Android 1
iBanking – a Botnet on Android
Stephen Doherty
Senior Threat Intelligence Analyst

iBanking - Agenda
iBanking – a Botnet on Android 2
iBanking – what is it?1
The Evolution of iBanking2
There’s no Honour among Thieves3

iBanking – a Botnet on Android 3
iBanking
What is it?

What does the end user see?
iBanking – a Botnet on Android 4
Polish Fake AV Scanner The Many Faces of iBanking

The Capabilities of iBanking?
Features of iBanking
Steal Device Information
Intercept SMS
Intercept Phone Calls
Forward/Redirect Calls
Steal Address Book
Record Audio on Microphone
Send SMS
Get geo-location
List files on file system
List running applications
Prevent uninstallation
Factory Reset
iBanking – a Botnet on Android 5
Controllable over SMS/HTTP

iBanking Control Panel
• Control Multiple iBanking botnet from a single UI
iBanking – a Botnet on Android 6

iBanking Control Panel
• Simple dropdown to Issue commands
iBanking – a Botnet on Android 7

iBanking Control Panel
Majority of control numbers in Russia
iBanking – a Botnet on Android 8

How do I get infected with iBanking?
iBanking – a Botnet on Android 9

Getting infected with iBanking
iBanking – a Botnet on Android 10

Getting infected with iBanking
iBanking – a Botnet on Android 11

But that’s not all!
• My PC is secure
• I wouldn’t fall for this type of social engineering scam
iBanking – A Botnet on Android 12
Chance Lodging
software in Google Play
- GFF

iBanking – a Botnet on Android 13
The Evolution of iBanking
How has it evolved?

iBanking – pre sale version in the wild (August 2013)
• Earliest iBanking varient discovered
• Simple call redirector/SMS sniffer
• Control Server Registrant Email
– ctouma2@googlemail.com
iBanking – a Botnet on Android 14

Russian private forum (September 17th, 2013)
iBanking – a Botnet on Android 15

iBanking source code leaked (February 2nd, 2014)
iBanking – A Botnet on Android 16

iBanking source code leaked (February 2nd, 2014)
iBanking – a Botnet on Android 17

Android 0-day exploit in work (March 6th, 2014)
iBanking – a Botnet on Android 18
“Work! In the near future is expected to announce in my
workshop! 0-day vulnerability in android! :-)”

iBanking – a Botnet on Android 19
There is no honour among thieves
A hackers quest to recover 65k stolen bitcoins

ReVOLVeR
https://twitter.com/rev_priv8
iBanking – a Botnet on Android 20

The Priv8 Team
iBanking – a Botnet on Android 21

Wanna sign up?
iBanking – a Botnet on Android 22

Hey I lost 65k BTC, can you help me?
• Phones are secure right?
– Store your Bitcoin wallet/credentials on the phone
• ReVOLVeR gets busy reversing!
– Command & Control
• myredskins.net
iBanking – a Botnet on Android 23

iBanking Control Panel – Admin login
• Authentication required!
iBanking – A Botnet on Android 24
http://[IBANKING_DOMAIN]/iBanking/sendFile.php

There be treasure?
iBanking – A Botnet on Android 25

ReVOLVer – Hacking the BBC
iBanking – A Botnet on Android 26

BBC confirms Hacking incident
iBanking – a Botnet on Android 27

ReVOLVer – Reselling iBanking
iBanking – a Botnet on Android 28
January 6th, 2014

Contenu connexe

Similaire à iBanking - a botnet on Android

Short 1100 Jart Armin - The Pocket Botnet

UISGCON

Short 11-00 Jart Armin - The Pocket Botnet

UISGCON

State of Bitcoin Security - Inside Bitcoins April 2014 - Bojan Simic

Bojan Simic

State of bitcoin security

Mediabistro

Forensic And Cloud Computing

Mitesh Katira

The Annual Global Fraud Survey, commissioned by Kroll and carried out by the Economist Intelligence Unit, reports that businesses lose nearly 1.6% of their revenue to fraud. While global banks are utilizing IT solutions to safeguard themselves from cyber and online phishing attacks, our webcast helps you understand an innovative and cutting edge technology which can help you to: * Stop revenue loss on fraud/identity thefts * Prevent customers from cyber attacks * Ensure 100% fail-proof customer authentication * Provide confidence to customers and improve CSAT * Protect banking information and customer data breach

Webcast - how can banks defend against fraud?

Uniphore

Cyber crime and cyber security

Keshab Nath

KICA Case Study: Bio-Authentication and PKI Trends in Korea -FIDO Alliance -T...

FIDO Alliance

Cyber security is a threat to organizations of all sizes, but statistics show that small to medium size businesses seem to be taking the brunt of the impact from cyber attacks these days. Watch this free webinar to see where your organization may be vulnerable and what you can do to protect your business from the next cyber attack. Join Candace Clay (Armour Insurance) and Rishi Patel (Keeran Networks) as they walk you through case studies and stats designed to make you cyber aware. Learn from the experts where you can look for holes in your cyber armour. - Know what to do or who to call when to put protection in place - See how one organization lost nearly $180k by just clicking the wrong link - Know how to implement a recovery plan in the event of an attack

Cyber Security - Whats the Worst that Could Happen

Rob Stevenson

Bitcoin presentation

Mahendra Vishwkarma

CHRIST College, Bangalore ! ️ Cyber Raksha - Talk on Cyber Security and Awareness. Delivered Seminar to MBA Final Year On Importance of Cyber Security for the Corporates ! My Initiative Cyber Raksha Aims is to Build a Culture of Cyber Safety education specially in Colleges, Schools and Corporates. Lets Transform Digital India into a SECURE DIGITAL INDIA ️ [+] Buy and Implement Secure Technology [+] Train Employees on Cyber Security - Don’t Spend all money on Secure Technology, train employees on Cyber Security. [+] Use Secure Development frameworks for developing applications [+] Understand how your application can be attacked. Short Video of my Talk : https://youtu.be/z-sanhJsXtc #CyberRaksha #Hackdoor #VanshitMalhotra #CyberSecurity #Infosec #SecureDigitalIndia #CyberSecurityAwareness #CyberSecurityTraining

Cyber Raksha - by Vanshit Malhotra

Vanshit Malhotra

Cybercrime & Cybersecurity

RitamaJana

Symbian Botnet? Mobile Linux Rootkits? iPhone Botnets? Millions of phones at risk? The press coverage on smart phone threats is at times somewhat accurate, distant, and occasionally (if unintentionally) misleading. They tend to raise questions such as: How close to PC levels (100,000+ to millions of nodes) have mobile botnets reached? Have mobile rootkits reached the complexity of those on the PC? This talk covered the state of rootkits and botnets on smart phones from the perspective of anti-malware researchers, including demystification of the threat from mobile rootkits and mobile botnets, the differences (if any) between mobile rootkits and mobile botnets vs. their PC counterparts, and a look at how samples seen in the wild and researcher PoCs function.

Smartphone Ownage: The state of mobile botnets and rootkits

Jimmy Shah

Cybercrimes against the korean online banking systems 1227 eng_slideshare

Youngjun Chang

Today’s cyber criminals are more sophisticated, more agile and more aggressive than traditional security measures can protect against. One simply needs to open a news source today to find a headline on a new breach - Office of Management Personal, Sony, Target are just a few examples of note. The increase in attacks and breaches can be attributed to a variety of factors, not the least of which include: a rise in asymmetric threats, commoditization of threats/attacks and incomplete security strategies. By incorporating cyber threat analysis in your security strategy, however, you can better counter and mitigate these threats.

IBM Cyber Threat Analysis

IBM Government

The Endless Wave of Online Threats - Protecting our Community

AVG Technologies AU

Cybercriminal in Brazil shares mobile credit card store app RSA agents recently traced a threat actor advertising a mobile credit card store application. The cybercriminal shared the information on his Facebook page, including methods for using the app and links for downloading it. Besides the obvious purpose of selling compromised credentials, launching the application on a mobile device also prompts requests for user permissions, which can give the application the kind of control over the device that is usually associated with malicious malware applications

RSA Online Fraud Report - August 2014

EMC

Bitcoin Presentation.pptx

AshutoshSingh502936

Mobile banking commoditization

jiboutin

Web3 Security Reports for Informed Decision-Making and Risk Mitigation Stay ahead of the curve with expertly crafted Web3 security reports that offer actionable insights and unparalleled analysis. Web3 Security Outlook 2022 -> $4B were lost in 300+ security exploits in 2022 -> The report outlines all major hacks and security breaches that occurred in 2022. -> The report also explores new technologies, such as Layer 2 and zero-knowledge proofs, the role of AI in securing the Web3 ecosystem, and offers essential technical measures for smart contract developers to mitigate vulnerabilities. Protecting your Web3 assets and users from security threats is crucial but can be overwhelming. That's why we have curated a series of expertly crafted reports that provide real-world examples and practical advice. Our engaging and informative reports are the ultimate resource for businesses and organisations operating in the Web3 space. Join us on the journey to a safer Web3 world.

Web3 Security Outlook 2022-2023

QuillAudits

Similaire à iBanking - a botnet on Android (20)

Short 1100 Jart Armin - The Pocket Botnet

Short 11-00 Jart Armin - The Pocket Botnet

State of Bitcoin Security - Inside Bitcoins April 2014 - Bojan Simic

State of bitcoin security

Forensic And Cloud Computing

Webcast - how can banks defend against fraud?

Cyber crime and cyber security

KICA Case Study: Bio-Authentication and PKI Trends in Korea -FIDO Alliance -T...

Cyber Security - Whats the Worst that Could Happen

Bitcoin presentation

Cyber Raksha - by Vanshit Malhotra

Cybercrime & Cybersecurity

Smartphone Ownage: The state of mobile botnets and rootkits

Cybercrimes against the korean online banking systems 1227 eng_slideshare

IBM Cyber Threat Analysis

The Endless Wave of Online Threats - Protecting our Community

RSA Online Fraud Report - August 2014

Bitcoin Presentation.pptx

Mobile banking commoditization

Web3 Security Outlook 2022-2023

Plus de Source Conference

Matt Johansen, White Hat - Online advertising networks can be a web hacker’s best friend. For mere pennies per thousand impressions (that means browsers) there are service providers who allow you to broadly distribute arbitrary javascript -- even malicious javascript! You are SUPPOSED to use this “feature” to show ads, to track users, and get clicks, but that doesn’t mean you have to abide. Absolutely nothing prevents spending $10, $100, or more to create a massive javascript-driven browser botnet instantly. The real-world power is spooky cool. We know, because we tested it… in-the-wild.

Million Browser Botnet

Source Conference

Matt Summers, NCC Group - Web technology has changed a lot in the last 25 years but the underlying transport mechanism has stayed the same. The web we have today was not designed for the plethora of new device types and communication methods but things are changing and you probably don’t even know it. You probably don’t even notice the problem because it is so ingrained. In this presentation we are going to delve into the problems with the web and how we use it today. We will also take an in depth look at the proposed solutions for the next generation web and the implications that come with it.

I want the next generation web here SPDY QUIC

Source Conference

Mathieu Letourneau, Andrei Saygo, Eoin Ward, Microsoft This talk will present our research project on .Net file clustering based on their respective basic blocks and the parallel that can be made with DNA sequence variation analysis. We implemented a system that extracts the basic blocks on each file and creates clusters based on them. We also developed an IDA plugin to make use of that data and speed up our analysis of .Net files. Andrei Saygo, Eoin Ward and Mathieu Letourneau all work as Anti-Malware Security Engineers in the AM Scan team of Microsoft’s Product Release & Security Services group in Dublin, Ireland.

From DNA Sequence Variation to .NET Bits and Bobs

Source Conference

Extracting Forensic Information From Zeus Derivatives

Source Conference

Brian Honan, IRISSCERT Social media networks provide individuals and businesses with exciting opportunities to communicate and collaborate with others throughout the world. But with these opportunities come a number of security challenges and risks. This talk will outline how social media networks can pose various threats to businesses, from information leakage, reputational damage, to social engineering profiling, and vectors for enabling compromise of corporate systems. Social media networks also enable the rapid dissemination of news which in the event of an information security breach could either save or destroy an organisations reputation. Understanding and dealing with these challenges will enable companies to like and favourite social media networks in a secure way. Brian Honan is an independent security consultant based in Dublin, Ireland, and is the founder and head of IRISSCERT, Ireland's first CERT. He is a Special Advisor to Europol's Cybercrime Centre (EC3), an adjunct lecturer on Information Security in University College Dublin. He is the author of the book "ISO 27001 in a Windows Environment" and co-author of "The Cloud Security Rules", and regularly speaks at major industry conferences. In 2013 Brian was awarded SC Magazine's Information Security Person of the year for his contribution to the computer security industry.

How to Like Social Media Network Security

Source Conference

Wfuzz para Penetration Testers

Source Conference

Security Goodness with Ruby on Rails

Source Conference

Securty Testing For RESTful Applications

Source Conference

Esteganografia

Source Conference

Men in the Server Meet the Man in the Browser

Source Conference

Advanced Data Exfiltration The Way Q Would Have Done It

Source Conference

Adapting To The Age Of Anonymous

Source Conference

Are Agile And Secure Development Mutually Exclusive?

Source Conference

Advanced (persistent) binary planting

Source Conference

Legal/technical strategies addressing data risks as perimeter shifts to Cloud

Source Conference

Who should the security team hire next?

Source Conference

The Latest Developments in Computer Crime Law

Source Conference

JSF Security

Source Conference

How To: Find The Right Amount Of Security Spend

Source Conference

Everything you should already know about MS-SQL post-exploitation

Source Conference

Plus de Source Conference (20)

Million Browser Botnet

I want the next generation web here SPDY QUIC

From DNA Sequence Variation to .NET Bits and Bobs

Extracting Forensic Information From Zeus Derivatives

How to Like Social Media Network Security

Wfuzz para Penetration Testers

Security Goodness with Ruby on Rails

Securty Testing For RESTful Applications

Esteganografia

Men in the Server Meet the Man in the Browser

Advanced Data Exfiltration The Way Q Would Have Done It

Adapting To The Age Of Anonymous

Are Agile And Secure Development Mutually Exclusive?

Advanced (persistent) binary planting

Legal/technical strategies addressing data risks as perimeter shifts to Cloud

Who should the security team hire next?

The Latest Developments in Computer Crime Law

JSF Security

How To: Find The Right Amount Of Security Spend

Everything you should already know about MS-SQL post-exploitation

Dernier

Artificial Intelligence Chap.5 : Uncertainty

Khushali Kathiriya

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Zilliz

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

MadyBayot

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

apidays

Automating Google Workspace (GWS) & more with Apps Script

wesley chun

Accelerating FinTech Innovation: Unleashing API Economy and GenAI Vasa Krishnan, Chief Technology Officer - FinResults Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

apidays

Real Time Object Detection Using Open CV

Khem

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

Join our latest Connector Corner webinar to discover how UiPath Integration Service revolutionizes API-centric automation in a 'Quote to Cash' process—and how that automation empowers businesses to accelerate revenue generation. A comprehensive demo will explore connecting systems, GenAI, and people, through powerful pre-built connectors designed to speed process cycle times. Speakers: James Dickson, Senior Software Engineer Charlie Greenberg, Host, Product Marketing Manager

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

DianaGray10

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

DBX First Quarter 2024 Investor Presentation

Dropbox

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Edi Saputra

In the thrilling conclusion to 2023, ransomware groups had a banner year, really outdoing themselves in the "make everyone's life miserable" department. LockBit 3.0 took gold in the hacking olympics, followed by the plucky upstarts Clop and ALPHV/BlackCat. Apparently, 48% of organizations were feeling left out and decided to get in on the cyber attack action. Business services won the "most likely to get digitally mugged" award, with education and retail nipping at their heels. Hackers expanded their repertoire beyond boring old encryption to the much more exciting world of extortion. The US, UK and Canada took top honors in the "countries most likely to pay up" category. Bitcoins were the currency of choice for discerning hackers, because who doesn't love untraceable money?

Ransomware_Q4_2023. The report. [EN].pdf

Overkill Security

MS Copilot expands with MS Graph connectors

Nanddeep Nachan

This presentations targets students or working professionals. You may know Google for search, YouTube, Android, Chrome, and Gmail, but did you know Google has many developer tools, platforms & APIs? This comprehensive yet still high-level overview outlines the most impactful tools for where to run your code, store & analyze your data. It will also inspire you as to what's possible. This talk is 50 minutes in length.

Powerful Google developer tools for immediate impact! (2023-24 C)

wesley chun

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

GenAI Risks & Security Meetup 01052024.pdf

lior mazor

Whatsapp Number Escorts Call girls 8617370543 Available 24x7 Navi Mumbai Call Girls Service Offer Genuine VIP Model Escorts Call Girls in Your Budget. Navi Mumbai Call Girls Service Provide Real Call Girls Number. Make Your Sexual Pleasure Memorable with Our Navi Mumbai Call Girls at Affordable Price. Top VIP Escorts Call Girls, High Profile Independent Escorts Call Girls, Housewife Women Escorts Call Girl, College Girls Escorts Call Girls, Russian Escorts Call girls Service in Your Budget.

Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Deepika Singh

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Martijn de Jong

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

Dernier (20)

Artificial Intelligence Chap.5 : Uncertainty

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

Apidays New York 2024 - The value of a flexible API Management solution for O...

Automating Google Workspace (GWS) & more with Apps Script

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Real Time Object Detection Using Open CV

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

DBX First Quarter 2024 Investor Presentation

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Ransomware_Q4_2023. The report. [EN].pdf

MS Copilot expands with MS Graph connectors

Powerful Google developer tools for immediate impact! (2023-24 C)

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

GenAI Risks & Security Meetup 01052024.pdf

Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model

2024: Domino Containers - The Next Step. News from the Domino Container commu...

presentation ICT roal in 21st century education

iBanking - a botnet on Android

1. iBanking – a Botnet on Android 1 iBanking – a Botnet on Android Stephen Doherty Senior Threat Intelligence Analyst

2. iBanking - Agenda iBanking – a Botnet on Android 2 iBanking – what is it?1 The Evolution of iBanking2 There’s no Honour among Thieves3

3. iBanking – a Botnet on Android 3 iBanking What is it?

4. What does the end user see? iBanking – a Botnet on Android 4 Polish Fake AV Scanner The Many Faces of iBanking

5. The Capabilities of iBanking? Features of iBanking Steal Device Information Intercept SMS Intercept Phone Calls Forward/Redirect Calls Steal Address Book Record Audio on Microphone Send SMS Get geo-location List files on file system List running applications Prevent uninstallation Factory Reset iBanking – a Botnet on Android 5 Controllable over SMS/HTTP

6. iBanking Control Panel • Control Multiple iBanking botnet from a single UI iBanking – a Botnet on Android 6

7. iBanking Control Panel • Simple dropdown to Issue commands iBanking – a Botnet on Android 7

8. iBanking Control Panel Majority of control numbers in Russia iBanking – a Botnet on Android 8

9. How do I get infected with iBanking? iBanking – a Botnet on Android 9

10. Getting infected with iBanking iBanking – a Botnet on Android 10

11. Getting infected with iBanking iBanking – a Botnet on Android 11

12. But that’s not all! • My PC is secure • I wouldn’t fall for this type of social engineering scam iBanking – A Botnet on Android 12 Chance Lodging software in Google Play - GFF

13. iBanking – a Botnet on Android 13 The Evolution of iBanking How has it evolved?

14. iBanking – pre sale version in the wild (August 2013) • Earliest iBanking varient discovered • Simple call redirector/SMS sniffer • Control Server Registrant Email – ctouma2@googlemail.com iBanking – a Botnet on Android 14

15. Russian private forum (September 17th, 2013) iBanking – a Botnet on Android 15

16. iBanking source code leaked (February 2nd, 2014) iBanking – A Botnet on Android 16

17. iBanking source code leaked (February 2nd, 2014) iBanking – a Botnet on Android 17

18. Android 0-day exploit in work (March 6th, 2014) iBanking – a Botnet on Android 18 “Work! In the near future is expected to announce in my workshop! 0-day vulnerability in android! :-)”

19. iBanking – a Botnet on Android 19 There is no honour among thieves A hackers quest to recover 65k stolen bitcoins

20. ReVOLVeR https://twitter.com/rev_priv8 iBanking – a Botnet on Android 20

21. The Priv8 Team iBanking – a Botnet on Android 21

22. Wanna sign up? iBanking – a Botnet on Android 22

23. Hey I lost 65k BTC, can you help me? • Phones are secure right? – Store your Bitcoin wallet/credentials on the phone • ReVOLVeR gets busy reversing! – Command & Control • myredskins.net iBanking – a Botnet on Android 23

24. iBanking Control Panel – Admin login • Authentication required! iBanking – A Botnet on Android 24 http://[IBANKING_DOMAIN]/iBanking/sendFile.php

25. There be treasure? iBanking – A Botnet on Android 25

26. ReVOLVer – Hacking the BBC iBanking – A Botnet on Android 26

27. BBC confirms Hacking incident iBanking – a Botnet on Android 27

28. ReVOLVer – Reselling iBanking iBanking – a Botnet on Android 28 January 6th, 2014

29. Thank you! Copyright © 2012 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. iBanking – a Botnet on Android 29 Stephen Doherty, Senior Threat Intelligence Analyst, Attack Investigations Team,

iBanking - a botnet on Android

Recommandé

Recommandé

Contenu connexe

Similaire à iBanking - a botnet on Android

Similaire à iBanking - a botnet on Android (20)

Plus de Source Conference

Plus de Source Conference (20)

Dernier

Dernier (20)

iBanking - a botnet on Android