Adventures in Bouncerland

Presented at Black Hat USA 2012, July 25, 2012, 5 p.m. (60 minutes)

Meet <REDACTED>*. He is a single function app that wanted to be much more. He always looked up those elite malware and botnet apps but now that the Google's Bouncer moved into town his hopes and dreams appeared to be shattered. This was until he was handed text file while strolling along a shady part of the Internet (AKA Pastebin). The title of this txt file was "Bypassing Google's Bouncer in 7 steps for Fun and Profit". Upon reading this, our little app began to glow with excitement. He routed himself all the way to the gates of Google Play and began his journey from a simple benign app that <REDACTED>*, to a full-fledged info stealing botnet warrior. In this presentation will tell the story of how our little app beat the Bouncer and got the girl (well, at least all her personal information, and a few naughty pics). * Our little buddy is still having fun in the market and we don't want anyone playing around with him right now, even you CFP reviewers.

Presenters:

• Sean Schulte
• Nicholas J. Percoco   as Nicholas Percoco

Links:

• https://www.blackhat.com/html/bh-us-12/bh-us-12-archives.html#Percoco
• https://media.blackhat.com/bh-us-12/Briefings/Percoco/BH_US_12_Percoco_Bouncerland_Slides.pdf
• https://media.blackhat.com/bh-us-12/Briefings/Percoco/BH_US_12_Percoco_Adventures_in_Bouncerland_WP.pdf

Similar Presentations:

• DeepSec 2019 „Internet of Facts and Fears“ / Saving Private Brian
• A New HOPE (2022) / Tracking Android Malware and Auditing App Privacy for Fun and Non-Profit
• DEF CON 20 (2012) / Adventures in Bouncerland