Android OEM's applications (in)security and backdoors ... - QuarksLAB

More documents

Recommendations

Info

Android introduction Android security model Methodology Toward a backdoor without permission Post-exploitation SMS/MMS sending and files exfiltration Vuln1 - SecMms.apk The malwares and premium SMS Current Android malwares ask for the SEND SMS permission Easily detectable and suspect for an user What about a malware which can send premium SMS without asking for permission?
Android introduction Android security model Methodology Toward a backdoor without permission Post-exploitation SMS/MMS sending and files exfiltration Vuln1 - SecMms.apk The malwares and premium SMS Current Android malwares ask for the SEND SMS permission Easily detectable and suspect for an user What about a malware which can send premium SMS without asking for permission? There is an app for that SecMms.apk exported BroadcastReceiver -> ui.MmsBGSender An well formatted Intent allows to send arbitrary SMS/MMS
Page 1 and 2: Android OEM’s applications (in)se
Page 3 and 4: Android introduction Android securi
Page 41: Android introduction Android securi
Page 92 and 93:
Android introduction Android securi
Page 94 and 95:
Page 96 and 97:
Page 98 and 99:
Page 100 and 101:
Page 102 and 103:
Page 104 and 105:
Page 106 and 107:
Page 108 and 109:
Page 110 and 111:
Page 112:
contact@quarkslab.com I @quarkslab.
show all

Android OEM's applications (in)security and backdoors ... - QuarksLAB

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?