Spyphones are surveillance tools surreptitiously planted on a user's handheld device. While malicious mobile applications (mainly phone fraud applications distributed through common application channels) target the typical consumer, spyphones are nation states' tool of attack. Why? Once installed, the software stealthily gathers information such as text messages (SMS), geo-location information, emails and even surround-recordings. How are these mobile cyber-espionage attacks carried out? In this engaging session, we present a novel proof-of-concept attack technique which bypasses traditional mobile malware detection measures and even circumvents common Mobile Device Management (MDM) features, such as encryption. http://www.blackhat.com/us-13/briefings.html#Brodie
Practical Attacks against Mobile Device Management Solutions
About: Daniel
• From PC to Mobile
• Developing an App Analysis framework for spyphones, mobile malware and exploits
About: Michael
Agenda
TARGETED MOBILE THREATS
The Mobile Threatscape
Mobile Remote Access Trojans (aka Spyphones)
Recent High-Profiled Examples
Varying Costs, Similar Results
Commercial Surveillance Software
Survey: Cellular Network 2M Subscribers Sampling: 650K
June 2013: 1 / 1000 devices
MDM and SECURE CONTAINERS 101
Mobile Device Management
MDM: Penetration in the Market
Gartner, Inc. October 2012
MDM Key Capabilities
Secure Containers
Behind the Scenes: Secure Containers
MDMs and Secure Containers
BYPASSING MOBILE DEVICE MANAGEMENT (MDM) SOLUTIONS
Overview
ANDROID
Step 1: Infect the Device
Step 1: Technical Details
Step 2: Install a Backdoor (i.e. Rooting)
Step 2: Technical Details
Step 3: Bypass Containerization
Step 3: Technical Details
Step 4: Exfiltrate Information
Step 4: Technical Details
Who Needs Root If You Have System
IOS
Step 1: Infect the device
Step 2: Install a Backdoor (i.e. Jailbreaking)
Step 2: Technical Details
Step 3: Bypass Containerization
MITIGATION TECHNIQUES
MDM
Key Issues
Layered Approach (Defense-In-Depth)
Adaptive multi-layer approach
Thank You.