Embed Size (px)
DESCRIPTION
In this engaging session, we demonstrate a live attack technique aimed at bypassing a popular MDM solution with an email encryption offering. Further, we show how the mobile surveillance software effectively renders the encryption feature useless. This demonstration includes a mobile spyware version which directly accesses the MDM’s memory storage, retrieves the plain-text emails and sends them on to a remote server. Finally, we present mitigation techniques to solve against this problem. Differentiate between mass consumer-oriented mobile attacks and targeted mobile cyber-attacks Recognise the shortcoming of MDM as a wholesome security solution Enhance mobile attack mitigation techniques through mobile activity visibility
Citation preview
Anatomy of a Targeted Attack
against Mobile Device
Management (MDM)
MDM: Penetration in the Market
Gartner, Inc. October 2012
TARGETED
MOBILE THREATS
Mobile Remote Access Trojans (aka Spyphones)
Recent High-Profiled Examples
Commercial mRATS
Survey: Cellular Network 2M Subscribers Sampling: 250K
October 2012:
1 / 1000 devices
Survey: Cellular Network 2M Subscribers Sampling: 250K
BYPASSING
MOBILE DEVICE
MANAGEMENT
(MDM) SOLUTIONS
MDMs and Secure Containers
Demo
Let’s Test These Assumptions…
Overview
Step 1: Infect the device / Android
Step 1: Infect the device / iOS
Step 2: Install a Backdoor / Android: Rooting
Step 2: Install a Backdoor / iOS: Jailbreaking
Step 3: Bypass Containerization
Step 3: Bypass Containerization
Step 3: Bypass Containerization
Step 3: Bypass Containerization
MITIGATION
TECHNIQUES
MDM
Mitigation Steps (1)
Mitigation Steps (2)
Mitigation Steps (3)
March 26 2013 → Android Trojan Found in Targeted Attack
A combination of e-mail hacking, "spear phishing," and a Trojan built specifically for Android smartphones to spy on Tibetan activists
Inside of Mobile Targeted Attack
C&C Server
View the software installed on the phone to facilitate customer software hijacking / tool to get software such as QQ, Email, MSN password
Thank You.
