Mobile App Moolah: Profit taking with Mobile Malware

Presented at DEF CON 19 (2011), Aug. 7, 2011, 1 p.m. (50 minutes).

Smartphones are a hot new market for software developers. Millions of potential customers, and a large percentage willing to part with a small sum of money for your latest creation. Even a moderately successful app can help fill your pockets. It's hard to ignore for legitimate developers. It's even harder to ignore for criminals. Things have changed from the old days of malware creation. It's no longer just about proving yourself or testing a new platform by writing proof-of-concepts(PoCs), porting old malware, and learning the idiosyncrasies of the development tools. Now it's about evading detection and taking a profit. Where there's money, crime usually follows. The presentation is not about attribution, naming names or pointing out the parties responsible. It's about the underlying technology and the methods used, including: - how actual examples in the wild function - detection/analysis evasion techniques - geographical trends in profit-taking malware

Presenters:

  • Jimmy Shah - Mobile Security Researcher
    Jimmy Shah is a Mobile Security Researcher for McAfee, specializing in analysis of mobile threats on existing platforms (J2ME, Symbian, Windows Phone, iOS, Android) and potential mobile malware and spyware. He works with a team of researchers that regularly provides analysis and research on mobile threats to McAfee clients. He has presented on mobile threat research at a number of computer security conferences.

Links:

Similar Presentations: