Advanced Social Network and Mobile Attack
Nipon Nachin, Consulting Manager
ITIL Expert, CISSP, GIAC GFCA, CISA, CISM, CSSLP, AMBCI, IRCA ISMS, ITSMS, BCMS Provisional Auditor, SSCP, Security+
Prathan Phongthiproek, Red-Team Manager
eCPPT, E|CSA, C|EH, CIW Security Analyst, CPTS, CWNP, CWSP, Security+, ITIL-F
ACIS Professional Center
Social Network
Source: 2008 CSI Computer Crime & Security Survey
RSS feed
Social Network Threats
1) Malware Spam
2) Drive-By-Download
3) Malicious Applications
4) Session Hijacking
Malware Spam
1) Osama execution video scam
2) Enable dislike button
3) Top 10 profile spies
Drive-By-Download
1) Malicious shortened URLs
2) Internet Explorer / Mozilla Firefox / Safari / Chrome vulnerabilities
3) Web browser toolbars
4) Adobe product vulnerabilities (Flash, PDF, etc.)
5) ActiveX and Java applets
Drive-By-Download
Drive-by-download flow (diagram):
(1) Client visits the landing page
(2) Redirect to get exploit
(3) Redirect to get exploit
(4) Exploit downloaded to the victim
Drive-By-Download
Payload categories delivered by drive-by downloads (chart):
- Spyware
- Viruses
- Worms
- Trojans
- Potentially unwanted applications
- Adware
- Unwanted/offensive content
- Phishing
Malicious Facebook Applications
Session Hijacking
Session Hijacking with Firesheep
1) For now, unable to attack Facebook (the source code has to be modified)
2) Only supports sites served over HTTP
- Hotmail, Twitter, Facebook, etc.
3) Sniffs on the fly (Wi-Fi hotspot)
4) On a wired network, requires ARP poisoning
Session Hijacking Over HTTPS
1) Using SSLStrip to kill (strip) SSL sessions
2) Rogue access point, or ARP poisoning on the wire
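The two hijacking slides above rest on the same weakness: a session cookie that a browser will send over plain HTTP, either because the site itself is HTTP (the Firesheep case) or because the connection was downgraded from HTTPS (the SSLStrip case). The mitigation a defender checks for is the Secure/HttpOnly attributes on the cookie plus a Strict-Transport-Security header. The following audit script is an added example written for this page; it is not code from the deck or from Firesheep or SSLStrip. The two HTTP responses it inspects are constructed samples, and the header parser is a minimal one for illustration.

```python
"""
Audit the headers of an HTTP response for the controls that blunt the
session-hijacking techniques discussed on this page:
  - Secure / HttpOnly on Set-Cookie, so the session cookie is never sent
    over plaintext HTTP (Firesheep-style sniffing on a hotspot)
  - Strict-Transport-Security (HSTS), so a returning browser refuses to be
    downgraded to HTTP (SSLStrip-style downgrade)
"""
import re

ONE_YEAR = 31536000  # HSTS max-age (seconds) commonly recommended as a minimum


def parse_response_headers(raw):
    """Split a raw HTTP response into (status_line, [(name, value), ...]).
    Repeated headers such as Set-Cookie are kept as separate pairs."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    headers = []
    for line in lines[1:]:
        if not line.strip():
            continue
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return lines[0], headers


def cookie_findings(set_cookie_value):
    """Return the problems found in one Set-Cookie header value."""
    parts = [p.strip() for p in set_cookie_value.split(";")]
    cookie_name = parts[0].split("=", 1)[0]
    # attribute names only; values (Path=/, SameSite=Lax) are irrelevant here
    attrs = {p.split("=", 1)[0].lower() for p in parts[1:]}
    findings = []
    if "secure" not in attrs:
        findings.append(f"cookie {cookie_name!r} lacks Secure: sent over plain HTTP, sniffable on open Wi-Fi")
    if "httponly" not in attrs:
        findings.append(f"cookie {cookie_name!r} lacks HttpOnly: readable by injected script")
    return findings


def hsts_findings(headers):
    """Return the problems found with Strict-Transport-Security."""
    values = [v for n, v in headers if n == "strict-transport-security"]
    if not values:
        return ["no Strict-Transport-Security header: browser can be downgraded to HTTP"]
    match = re.search(r"max-age=(\d+)", values[0], re.IGNORECASE)
    if match is None or int(match.group(1)) < ONE_YEAR:
        return ["Strict-Transport-Security max-age is missing or below one year"]
    return []


def audit_response(raw):
    """Audit a raw HTTP response and return a list of human-readable findings."""
    _, headers = parse_response_headers(raw)
    findings = []
    for name, value in headers:
        if name == "set-cookie":
            findings.extend(cookie_findings(value))
    findings.extend(hsts_findings(headers))
    return findings


# Constructed sample responses (not captured from any real site).
WEAK_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "Set-Cookie: sessionid=abc123; Path=/\r\n"
    "\r\n"
    "<html>...</html>"
)

HARDENED_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "Set-Cookie: sessionid=abc123; Path=/; Secure; HttpOnly; SameSite=Lax\r\n"
    "Strict-Transport-Security: max-age=31536000; includeSubDomains\r\n"
    "\r\n"
    "<html>...</html>"
)

if __name__ == "__main__":
    for label, raw in (("weak", WEAK_RESPONSE), ("hardened", HARDENED_RESPONSE)):
        print(f"[{label}]")
        for finding in audit_response(raw) or ["no findings"]:
            print("  -", finding)
```

Note that HSTS only protects a browser that has already received the header over a genuine HTTPS connection; a first visit can still be downgraded, which is what browser HSTS preload lists exist to close. The Secure attribute, by contrast, protects the cookie from the first response onward.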
Mobile Threats
BlackBerry
Mobile Safari Still Vulnerable To Pwn2Own Exploit
Mobile Web Browsers
Common problem: bad security UX
Android Content Provider File Disclosure
Google Latitude Zero Day Attack
Google Latitude Zero Day Attack
Google Latitude Zero Day Attack - Example
https://www.google.com/accounts/[email protected]&password=xxxxxx&s=sss=&xxx=dddddd
Google Latitude Zero Day Attack on iPhone
Google Latitude Zero Day Attack
FlexiSPY BlackBerry Spy Phone
FlexiSPY Apple iPhone Spyphone
Spyphone – call interception (eavesdropping on conversations)
28th – 29th June 2011, Grand Millennium Sukhumvit, Bangkok
Copyright © 2009 TISA (Thailand Information Security Association) and its respective author
Please contact: [email protected]
http://www.TISA.or.th