SigMorph - Covert Communication Exploiting Android Signing Schemes

Explore the world of Android binary manipulation and covert communication techniques in this conference talk from nullcon. Delve into the intricacies of Android Signature Schemes (v1, v2, v3) and learn how to exploit their shortcomings to modify APK binaries without breaking signatures. Discover potential use cases, both malicious and non-malicious, including methods for embedding undetectable malicious data in legitimate Play Store applications while preserving signing signatures. Examine how this technique can be applied to create malware variations with lower detection rates, using the Pegasus malware as an example. Gain insights into advanced Android hacking and information security concepts that push the boundaries of mobile application manipulation and covert communication.