BlackHat USA 2013 - Practical Attacks against Mobile Device Management Solutions

Tags:

Preview:

Click to see full reader

DESCRIPTION

Spyphones are surveillance tools surreptitiously planted on a users handheld device. While malicious mobile applications mainly phone fraud applications distributed through common application channels - target the typical consumer, spyphones are nation states tool of attacks. Why? Once installed, the software stealthy gathers information such as text messages (SMS), geo-location information, emails and even surround-recordings. How are these mobile cyber-espionage attacks carried out? In this engaging session, we present a novel proof-of-concept attack technique which bypass traditional mobile malware detection measures- and even circumvent common Mobile Device Management (MDM) features, such as encryption. http://www.blackhat.com/us-13/briefings.html#Brodie

Citation preview

Practical Attacks against Mobile

Device Management Solutions

About: Daniel

From PC to Mobile

Developing an App Analysis framework for spyphones, mobile malware and exploits

About: Michael

Agenda

TARGETED

MOBILE THREATS

The Mobile Threatscape

Mobile Remote Access Trojans (aka Spyphones)

Recent High-Profiled Examples

Varying Costs, Similar Results

Commercial Surveillance Software

Survey: Cellular Network 2M Subscribers Sampling: 650K

Survey: Cellular Network 2M Subscribers Sampling: 650K

June 2013:

1 / 1000 devices

Survey: Cellular Network 2M Subscribers Sampling: 650K

Survey: Cellular Network 2M Subscribers Sampling: 650K

MDM and SECURE

CONTAINERS

101

Mobile Device Management

MDM: Penetration in the Market

Gartner, Inc. October 2012

MDM Key Capabilities

Secure Containers

Behind the Scenes: Secure Containers

MDMs and Secure Containers

MDMs and Secure Containers

BYPASSING

MOBILE DEVICE

MANAGEMENT

(MDM) SOLUTIONS

Overview

ANDROID

Step 1: Infect the Device

Step 1: Technical Details

Step 2: Install a Backdoor (i.e. Rooting)

Step 2: Install a Backdoor (i.e. Rooting)

Step 2: Technical Details

Step 3: Bypass Containerization

Step 3: Bypass Containerization

Step 3: Bypass Containerization

Step 3: Technical Details

Step 4: Exfiltrate Information

Step 4: Technical Details

Who Needs Root If you Have System

IOS

Step 1: Infect the device

Step 2: Install a Backdoor (i.e. Jailbreaking)

Step 2: Technical Details

Step 3: Bypass Containerization

MITIGATION

TECHNIQUES

MDM

Key Issues

Layered Approach (Defense-In-Depth)

Adaptive multi-layer approach

Thank You.

Recommended

Slide Griffin - Practical Attacks and Mitigations
Technology
HomePlugAV PLC: practical attacks and backdooring · PDF file · 2018-01-05HomePlugAV PLC: practical attacks and backdooring HomePlugAV PLC: ... Domestic Powerline Communication
Documents
Timing attacks have never been so practical: Advance cross site search attacks
Technology
Privacy & Stylometry: Practical Attacks Against Authorship Recognition Techniques
Documents
Practical Attacks on Implementations · Practical Attacks on Real World Crypto Implementations Juraj Somorovsky 2 Recent years revealed many crypto attacks… • ESORICS 2004, Bard:
Documents
Practical steps to mitigate DDoS attacks
Technology
Practical Adversarial Attacks AgainstSpeaker …zli96/publications/li2020...Practical Adversarial Attacks Against Speaker Recognition Systems Zhuohang Li The University of Tennessee
Documents
Practical Padding Oracle Attacks
Documents
Memory Corruption Attacks The (almost) Complete …media.blackhat.com/bh-us-10/whitepapers/Meer/BlackHat-USA-2010...Memory Corruption Attacks The (almost) Complete History ... Memory
Documents
Practical Black-Box Attacks against Machine Learning · Practical Black-Box Attacks against Machine Learning Nicolas Papernot Pennsylvania State University ngp5056@cse.psu.edu Patrick
Documents
Practical Adversarial Attacks AgainstSpeaker …web.eecs.utk.edu/~jliu98/publications/li2020practical.pdfPractical Adversarial Attacks Against Speaker Recognition Systems Zhuohang
Documents
Practical rsa padding oracle attacks
Engineering
THE DANGERS OF KEY REUSE: PRACTICAL ATTACKS ON …...practical attacks on ipsec ike ... vpns (virtual private networks) the dangers of key reuse: practical attacks on ipsec ike | dennis
Documents
Welcome to Blackhat! Welcome to Blackhat!
Documents
Practical Invalid Curve Attacks on TLS-ECDH · Practical Invalid Elliptic Curve Attacks on TLS-ECDH Tibor Jager, Jörg Schwenk, Juraj Somorovsky 2 Recent years revealed many attacks
Documents
Practical Attacks on the MIFARE Classic
Documents
Detecting Web Browser Heap Corruption Attacks - Stephan Chenette, Moti Joseph, Blackhat USA 2007
Documents
Wp Ernw Practical Attacks Mpls Carrier Ethernet
Documents
BlackHat DC 2011 Perez-Pico Mobile Attacks-Wp
Documents
HITB Labs: Practical Attacks Against 3G/4G ...conference.hitb.org/hitbsecconf2011kul/materials/D2 LABS - Daniel... · HITB Labs: Practical Attacks Against 3G/4G Telecommunication
Documents