Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Zen - A Complex Campaign of Harmful Android Apps

Hack In The Box Security Conference via YouTube

Overview

Explore the intricate world of Android malware in this 38-minute conference talk from the Hack In The Box Security Conference. Delve into the complex "Zen" campaign and other harmful Android apps, uncovering sophisticated techniques used by malware authors to monetize their creations. Learn about root access exploitation, fake Google account generation, click fraud, and spam apps. Discover how these malicious actors circumvent security measures, including CAPTCHA bypass and various persistence mechanisms. Gain insights into the evolution of Android malware, from simple app repackaging to advanced rooting trojans, and understand the challenges posed by improving Android security. Follow along as Łukasz Siewierski, a Reverse Engineer on the Android Security team at Google, breaks down the technical details and presents a timeline of the malware author's creations.

Syllabus

Intro
Repackaging an app and using custom ads
What is a click fraud malware?
Click fraud for everything
Step 1: download and execute exploits
Step 2: enable accessibility services you
Account creation
Phone numbers are supplied by the C&C
Code injection
to get the CAPTCHA image...
and solve it...
and hook internal methods...
and hook a bit more
Obfuscation: DES
Persistence (1): writing to install-recovery.sh
Persistence (II): installing apps in /system
Persistence (1ll): framework modification
Persistence (IV): injecting into
Persistence summary
Timeline of the author's creations

Taught by

Hack In The Box Security Conference

Reviews

Start your review of Zen - A Complex Campaign of Harmful Android Apps

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.