...stuff I do and things I like...

Tuesday, September 01 2015

Mobile Security News Update September 2015

Conferences
    Black Hat Europe Nov 12-13 Amsterdam. (IN-)SECURITY OF BACKEND-AS-A-SERVICE by Siegfried Rasthofer & Steven Arzt. ALL YOUR ROOT CHECKS BELONG TO US: THE SAD STATE OF ROOT DETECTION by Azzedine Benameur & Nathan Evans & Yun Shen. AUTHENTICATOR LEAKAGE THROUGH BACKUP CHANNELS ON ANDROID by Guangdong Bai. LTE & IMSI CATCHER MYTHS by Ravishankar Borgaonkar & Altaf Shaik.

    Ruxcon Oct 25. Melbourne Australia. HIGH-DEF FUZZING: EXPLORING VULNERABILITIES IN HDMI-CEC by JOSHUA 'KERNELSMITH' SMITH. DESIGN, IMPLEMENTATION AND BYPASS OF THE CHAIN-OF-TRUST MODEL OF IOS by Team Pangu.

    Hacker Halted September 17th, Atlanta GA. One SMS to hack a company by Dmitry Chastuhin. Why You'll Care More About Mobile Security in 2020 by Tom Bain.

    Virus Bulletin September 29th, Prague. Mobile banking fraud via SMS in North America: who's doing it and how by Cathal Mc Daid. Will Android trojan, worm or rootkit survive in SEAndroid and containerization? by William Lee and Rowland Yu. Dare 'DEVIL': beyond your senses with Dex Visualizer by Jun Yong Park and Seolwoo Joo. Android ransomware: turning CryptoLocker into CryptoUnlocker (live demo) by Alexander Adamov.

CFPs

Unfortunately I had to cancel my talk at Android Security Symposium in Vienna due to a scheduling conflict. It is a real bummer but I can't do anything about it. The replacement talk is done by my friend and research buddy Matthias; he is doing a talk on one of our previous mitigation projects.

The iOS KeyRaider malware looks rather interesting. It combines a lot of different functionality, such as stealing AppStore credentials and a ransomware module. This malware again only targets jailbroken iOS devices; users specifically had to download apps from third-party Cydia repositories. So this is not a general threat but a threat to people who jailbreak their device. If you jailbreak you likely have a very specific need and you hopefully know what you are doing. If not, just don't jailbreak your device (no matter what OS it runs).

I just found this recently published paper titled: Header Enrichment or ISP Enrichment? Emerging Privacy Threats in Mobile Networks. The paper studies HTTP header modification and injection done by mobile network operators. The paper more or less is a direct follow-up to my paper on the same subject titled: Privacy Leaks in Mobile Phone Internet Access. Their paper looks at what happens to smartphones that actually use HTTP (my work was mostly focused on phones that used the WAP technology, even though WAP was translated to HTTP to access regular web pages). Anyway, their paper provides good insight into what is happening. If you run a website that gets a lot of mobile traffic, you should check whether you see some of the HTTP headers that are injected by the mobile carriers.
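One way a site operator could run that check over captured requests, as an added example that is not code from this post or from either paper. The watched header names are ones reported in public research on carrier header enrichment and are an assumption of the example, as are the sample requests and the `X-Carrier-Sub` name, which are constructed.

```python
import re

# Header names reported in public research on carrier header enrichment.
# This list is an assumption of the example, not taken from the post.
WATCHED_NAMES = {
    "x-msisdn", "x-nokia-msisdn", "x-up-calling-line-id",
    "x-up-subno", "x-uidh", "x-acr",
}
# Headers that legitimately carry long digit strings; the value check skips them.
VALUE_SKIP = {"content-length", "etag", "cookie", "if-none-match"}
# 10-15 digits with an optional leading '+': the shape of an MSISDN or IMSI.
SUBSCRIBER_ID = re.compile(r"^\+?\d{10,15}$")


def parse_headers(raw_request):
    """Return lower-cased (name, value) pairs from a raw HTTP request."""
    head = raw_request.replace("\r\n", "\n").split("\n\n", 1)[0]
    pairs = []
    for line in head.split("\n")[1:]:  # skip the request line
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip().lower(), value.strip()))
    return pairs


def find_injected(raw_request):
    """Flag headers on the watch list or whose value looks like a subscriber ID."""
    findings = []
    for name, value in parse_headers(raw_request):
        if name in WATCHED_NAMES:
            findings.append((name, "watched-name"))
        elif name not in VALUE_SKIP and SUBSCRIBER_ID.match(value):
            findings.append((name, "subscriber-id-shaped value"))
    return findings


# Constructed sample requests (not real traffic).
CLEAN = "GET / HTTP/1.1\r\nHost: example.com\r\nUser-Agent: test\r\n\r\n"
ENRICHED = (
    "POST /form HTTP/1.1\r\nHost: example.com\r\n"
    "X-Up-Calling-Line-ID: 15555550100\r\n"
    "X-Carrier-Sub: +4915555550100\r\n"  # hypothetical name, caught by value shape
    "Content-Length: 12345678901\r\n\r\n"
)

if __name__ == "__main__":
    for label, req in (("clean", CLEAN), ("enriched", ENRICHED)):
        print(label, find_injected(req))
```

The value-shape check catches identifiers sent under header names that are not on the watch list, at the cost of occasional false positives that need a manual look.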

Links
A rather short update this time. Until next time!