The Android Malware Story

Its Android everywhere these days. Be it the smart phones, the tablets or the TVs. Everything seems to be androidified. A lot has already been discussed about the basics of android.

So, this article is a description of how I created my own malware, which made it to Clubhack 2011.

One day, me and my friend Subho Halder, were discussing about Android malwares and the possibilities. The android malwares became quite popular after Geinimi (the first android malware with botnet capabilities). We decided to have a look at the android malwares and analyzing it.

Being geeks from the beginning, we looked for the sample. We stumbled on an amazing  website (contagiodump.blogspot.com), which had most of the mobile malware samples. We downloaded the all the malware sample collection, did the reversing (with dex2jar and jd-gui), and studied almost every malware including simple ones like Dogowar, HippoSMS, LoveTrap to GGTracker and Geinimi.

Read the rest of this entry »

Android Exploitation : Exploiting the Webkit Vuln.

Hello All !

I was going through some of the Android exploits, and came through the Webkit Use-after-free vulnerablitity. So, i decided to go ahead with it, and actually try getting a remote shell.

The exploit was originally discovered by MJ Keith and later  tweaked by Itzhak Avraham. I used Zuk’s code in my demonstration.

Here is the modified exploit by Zuk : Link

I will go into the technical details of the vulnerability and the exploit in later blog posts.

Read the rest of this entry »

Hacking your Droid : Clubhack 2011

Hey all. I was there at the Clubhack 2011, India’s own international security conference two weeks back. I spoke on “Hacking your Droid” which was a talk about Android Security and Malwares.

If you want the slides, here they are : Slides

If you want to see the whole presentation, and a live demonstration of the malware i created, you can see the video here.

Also, i will be soon writing more about Android malwares, botnets and exploitation.

Thanks.