Presented at ToorCon San Diego 13 (2011)
Oct. 9, 2011, 11:30 a.m.
Smartphones are a hot new market for software developers. Millions of potential customers, and a large percentage willing to part with a small sum of money for your latest creation. Even a moderately successful app can help fill your pockets. It's hard to ignore for legitimate developers. It's even harder to ignore for criminals.
Things have changed from the old days of malware creation. It's no longer just about proving yourself or testing a new platform by writing proof-of-concepts (PoCs), porting old malware, and learning the idiosyncrasies of the development tools. Now it's about evading detection and taking a profit. Where there's money, crime usually follows.
The presentation is not about attribution, naming names or pointing out the parties responsible. It's about the underlying technology and the methods used, including:
- how actual examples in the wild function
- detection/analysis evasion techniques
- geographical trends in profit-taking malware
Jimmy Shah is a Mobile Security Researcher for McAfee. He works in mobile/embedded systems security. If it's lighter than a car, has a microprocessor, and is likely to be a target, then it's probably his problem. He regularly presents on mobile threat research at computer security conferences.