SANS DFIR Summit 2022Speaker: Joshua Hickman
While there was an overall decrease in the number of mobile malware infections in 2021, there was a noticeable increase in mobile malware complexity. Authors have continued to add to features to mobile malware to the point that they have feature parity with desktop malware variants. Because Android has more devices, globally, it makes it a lucrative target for malware operators. Mobile device examiners, now more than ever, need to be on the lookout for malware on the Android platform, especially since more users are part of remote workforces and utilize Android-based devices. This presentation will be from a mobile examiner’s point of view, and will involve the use of a “honeyphone,” the mobile equivalent of a honeypot. Mobile device examiners will get a glimpse at a phone that has been infected with mobile malware, and, hopefully, walk away with ideas to detect it during their examinations. The presentation will discuss artifacts left behind after having run mobile malware on the honeyphone for an extended period of time, including Android system artifacts related to battery, device usage, and application permissions in addition to those that may be unique to the malware variant.
View upcoming Summits:
Download the presentation slides (SANS account required) at
Музыка
Фильмы
ТВ Шоу
Категории видео
