Monokle - Mobile Surveillanceware with a Russian Connection

Monokle - Mobile Surveillanceware with a Russian Connection

RSA Conference via YouTube Direct link

Intro

1 of 32

1 of 32

Intro

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Monokle - Mobile Surveillanceware with a Russian Connection

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Special Technology Center (STC)
  3. 3 Surveillanceware Prevalence
  4. 4 Monokle-Agent
  5. 5 Dates when Monokle samples were signed
  6. 6 Observed samples
  7. 7 Targets
  8. 8 Detected Installations
  9. 9 Malicious Functionality
  10. 10 Android APIs
  11. 11 Direct App Database Access
  12. 12 Accessibility Service Usage
  13. 13 Screen Unlock Recording
  14. 14 Trusted Certificate Install
  15. 15 Hooking using Xposed
  16. 16 User-defined words for predictive text input
  17. 17 C2 Communication (Outbound TCP)
  18. 18 C2 Communication (SMS)
  19. 19 Thrift - Defining Interfaces
  20. 20 Thrift - Generating Code
  21. 21 Evidence of iOS components - GetKeychain/SetKeychain
  22. 22 Evidence of iOS components - Apns Registration
  23. 23 Overlap in signing certificates for Monokle and STC's APKs
  24. 24 Overlap in signing certificates with an STC employee's personal Android project
  25. 25 Android Software Development Projects by STC
  26. 26 Command and Control Infrastructure overlap
  27. 27 Job Postings
  28. 28 Developer, researcher ANDROID/IOS
  29. 29 Indicators of Compromise
  30. 30 Remediation and Forensic Options
  31. 31 Mobile Surveillanceware Trends
  32. 32 RS Conference 2020 San Francisco February 24-28 Moscone Center

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.