Explore vulnerabilities in Android stalkerware apps and their servers in this Ekoparty 2021 conference talk. Discover how security flaws can lead to serious user impacts, including account takeovers, PII data leaks, unauthorized account removals, and credential exposures. Learn about the potential for fabricated evidence and the challenges in addressing these issues. Gain insights from malware analyst Lukas Stefanko as he discusses the research process, exploitable issues, and the broader implications for mobile security and privacy.
Vulnerabilities Discovered in Android Stalkerware - Mobile Hacking
Ekoparty Security Conference via YouTube
Overview
Syllabus
Introduction
What is stalkerware
Where we gathered information
What we did
Exploitable issues
Impacts
Hardcoded secrets
Results
Summary
Taught by
Ekoparty Security Conference