In Walled Gardens be Careful of Poisoned Apples

Presented at Objective by the Sea version 5.0 (2022), Oct. 6, 2022, 12:05 p.m. (25 minutes)

When Pegasus was discovered in 2016, our perception of iOS malware changed radically. While iOS malware was previously seen more as a problem of jailbroken iPhones, it was also clear afterwards that there is also malware for iPhones on the latest version of iOS. In 2019 (Google), 2021 (Amnesty International - Pegasus II / Blastdoor), 2022 (Google - Hermit) further examples were discovered where (0-day) vulnerabilities have been exploited to infect iPhones. \n\n In this talk, I‘ll provide a detailed overview of 0-1 Click iOS Malware. The talk begins with an analysis of the previous known examples (infection, malware capabilities). After that, I present the differences between iOS malware and jailbreaks, and show possibilities and requirements for detection and development of such iOS malware. Finally, I'll present ideas to improve the detection of iOS malware.

Presenters:

• Matthias Frielingsdorf - Security Researcher at Deutsche Bahn
  Matthias day to day job is to secure Deutsche Bahn’s Smartphones and Tablets. In his previous work life he was testing mobile security software and upcoming security products for T-Systems. \n\n Matthias is passionate about all things related to iOS security. When he’s not playing basketball or games he loves to spend his time learning new things around iOS. This year's focus is on reverse engineering and exploit development.

Links:

• https://objectivebythesea.org/v5/talks.html#Speaker_23

Similar Presentations:

• Black Hat USA 2022 / TruEMU: An Extensible, Open-Source, Whole-System iOS Emulator
• Black Hat Asia 2016 / su-a-Cyder: Homebrewing Malware for iOS Like a B0$$!
• AppSec USA 2013 / iOS Application Defense - iMAS