Overview
Explore the intricacies of FluBot, a sophisticated Android malware, in this 33-minute talk by Isaac Dixon at Churchill College, Cambridge. Delve into the malware's unique overlay attack strategy for impersonating banking apps and stealing user credentials. Examine FluBot's robust countermeasures against detection, analysis, and mitigation. Gain insights into the malware's client operations, protocol, and backend infrastructure. Learn about its custom encryption, spreading mechanisms, and key features. Understand the connection to the Command and Control (C2) server and the application layer protocol. Conclude with a discussion on potential defenses against this formidable threat in the mobile security landscape.
Syllabus
Introduction
How FluBot Works
FluBot Control Panel
Connection to C2 Server
Application Layer Protocol
Custom Encryption
How FluBot spreads
FluBot features
Defenses
Taught by
Churchill CompSci Talks