Classroom Contents
Monokle - Mobile Surveillanceware with a Russian Connection
- 1 Intro
- 2 Special Technology Center (STC)
- 3 Surveillanceware Prevalence
- 4 Monokle-Agent
- 5 Dates when Monokle samples were signed
- 6 Observed samples
- 7 Targets
- 8 Detected Installations
- 9 Malicious Functionality
- 10 Android APIs
- 11 Direct App Database Access
- 12 Accessibility Service Usage
- 13 Screen Unlock Recording
- 14 Trusted Certificate Install
- 15 Hooking using Xposed
- 16 User-defined words for predictive text input
- 17 C2 Communication (Outbound TCP)
- 18 C2 Communication (SMS)
- 19 Thrift - Defining Interfaces
- 20 Thrift - Generating Code
- 21 Evidence of iOS components - GetKeychain/SetKeychain
- 22 Evidence of iOS components - Apns Registration
- 23 Overlap in signing certificates for Monokle and STC's APKs
- 24 Overlap in signing certificates with an STC employee's personal Android project
- 25 Android Software Development Projects by STC
- 26 Command and Control Infrastructure overlap
- 27 Job Postings
- 28 Developer, researcher ANDROID/IOS
- 29 Indicators of Compromise
- 30 Remediation and Forensic Options
- 31 Mobile Surveillanceware Trends
- 32 RSA Conference 2020 San Francisco February 24-28 Moscone Center