A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Mobile APTs: A look at nation-state attacks and techniques for gathering intelligence from military and civilian devices - Michael Flossman Derbycon 2017 (Hacking Illustrated Series InfoSec Tutorial Videos)

Mobile APTs: A look at nation-state attacks and techniques for gathering intelligence from military and civilian devices
Michael Flossman
Derbycon 2017

As we increasingly rely on mobile devices to create, access, and modify sensitive information, sophisticated nation-state actors such as Russia, Israel, and the U.S. are being forced to expand their traditionally desktop focussed toolsets to now include a mobile surveillanceware capability. This talk will dive into mobile APTs, the nation-state actors leveraging them, and the commonalities and differentiators they share. We will specifically discuss the families ViperRAT and FrozenCell, two bespoke Android surveillanceware tools. One is being deployed against Palestinian individuals and organizations in conjunction with a desktop component, while the other has been seen in targeted attacks against Israeli Defense Forces personnel. Our unique insight into attacker infrastructure allows us to see how widely deployed these tools are and what information has been exfiltrated from compromised devices. The internals of these tools, their capabilities, command and control infrastructure, and their ability to successfully retrieve intelligence from compromised devices will be presented.

Michael is a security analyst at Lookout where he works on reverse engineering sophisticated mobile threats while tracking their evolution, the campaigns they are used in, and the actors behind them. He has hands-on experience in vulnerability research, incident response, security assessments, pen-testing, reverse engineering and the prototyping of automated analysis solutions. When not analyzing malware there's a good chance he's off snowboarding, diving, or looking for flaws in popular mobile apps.

Back to Derbycon 2017 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast