A Practical Attack Against VDI Solutions

Presented at Black Hat Europe 2014, Oct. 16, 2014, 2:15 p.m. (60 minutes).

The secure BYOD hype is growing and Virtual Desktop Infrastructure (VDI) is considered the alternative solution for secure containers. In a nutshell, VDI solutions provide a remote workstation offering so that no data is stored locally. We decided to examine the architecture and see for ourselves whether VDI delivers on its security promise.

In this engaging session, we demonstrate a proof-of-concept attack where a malicious app leverages screen scraping to exfiltrate data through common VDI platforms. By simulating the user's interaction, we show how such an attack is not only feasible - but also efficient. While keeping the espionage activity invisible both from client-side and server-side malware detection measures, the attacker can automate the process and ultimately render the VDI solution ineffective.


Presenters:

  • Dan Koretsky - Lacoon Mobile Security
    Dan is a Senior Security Researcher and Strategist at Lacoon Mobile Security. In this position, Dan researches low-level mobile components, including static and dynamic malware analysis. As part of his research, Dan also tracks trends in the mobile malware and the mobile security arenas and has a knack for translating this tech talk to business speech. Dan brings to this role more than six years of security research, and leading research teams, in low level PC, OS and embedded components. Dan holds a BA in Computer Sciences from the Open University in Israel.

Links:

Similar Presentations: