Overview
Explore a novel proof-of-concept attack technique that bypasses traditional mobile malware detection measures and circumvents common Mobile Device Management (MDM) features in this Black Hat USA 2013 conference talk. Delve into the world of spyphones, surveillance tools surreptitiously planted on users' handheld devices, and learn how these mobile cyber-espionage attacks are carried out. Discover the differences between typical malicious mobile applications and spyphones used by nation-states. Gain insights into how this attack method can overcome encryption and other MDM security measures. Follow along as the speakers demonstrate the attack steps, including root vulnerability exploitation, secure container installation, and container hooking. Understand the key issues surrounding mobile device security and the proposed layer approach to address these vulnerabilities. Conclude with a recap of the presented information and participate in a Q&A session to further explore this critical topic in mobile security.
Syllabus
Introduction
Mobile Malware
Mobile Remote Access
Examples
Types
Benchmarks
Large-scale experiment
Results
Agenda
What is MDM
What MDM solutions provide
Secure Container
Assumptions
Demo
Steps
Root Vulnerability
Securing Container
iOS
Install Secure Container
Hook Secure Container
Conclusion
Summary
Key Issues
Layer Approach
Recap
Questions
Taught by
Black Hat