Real Advances in Android Malware

Presented at HOPE Number Nine (2012), July 13, 2012, 3 p.m. (60 minutes)

Attackers are starting to move on from simple attacks, mainly because users are beginning to figure out that the free adult entertainment or chat app shouldn’t be sending SMS messages to expensive numbers. They’re leveraging techniques from PC malware like server-side polymorphism, vulnerability exploits, botnets and network updates, and preemptive/direct attacks against security software. It’s not all that bad. Attackers aren’t going out of their way to discover their own vulnerabilities or writing their own exploits. They’re happy to re-purpose the work done by legitimate developers, security researchers, and the rooting community. If the malware has gotten trickier, what are those tricks? A look at portions of code and how earlier research is adapted by attackers.


  • Jimmy Shah
    Jimmy Shah is a mobile security researcher specializing in analysis of mobile/embedded threats on existing platforms (J2ME, Symbian, Windows Phone, iOS, Android) and potential mobile malware and spyware. If it’s lighter than a car, has a microprocessor, and is likely to be a target, it’s probably his problem. He has presented on mobile threat research at a number of computer security conferences.


Similar Presentations: