New Book: Mobile Hacking

In mid-2015, dpunkt.verlag approached me and asked whether I would like to write a book on “hacking mobile apps”. I found the idea of writing a book about the subject that occupies large parts of my daily professional life very interesting, especially because this time it was to be in German (which, as I found out later, is considerably harder than in English).

After some discussions with the publisher and numerous reviewers, a fairly extensive outline of the book emerged that was acceptable to all sides. A good year (and hundreds of hours) later, in May 2016, the book is finished and is now available for pre-order on the Amazon and dpunkt.verlag sites.

Codeinspect: The all-in-one Platform for Android App Analysis

Some months ago I started with a post about Androguard and how to use it for reversing Android apps. Androguard is still one of the most common tools for malware analysis and pentesting of Android apps, but there is a new tool on the horizon that I really want to show you. This tool combines a lot of the tasks that an analyst faces during his day-to-day work routine in just one UI. The tool is called Codeinspect and is developed at Fraunhofer SIT.

Overview: Cryptolocker and Ransomware

Within the past 2 years, in addition to conventional malware, so-called ransomware has spread massively. While in 2014 fewer than 10 known families/variants roamed in this area, we discovered 15 of those blackmailing apps in 2015. Within the first quarter of 2016 this number has already been exceeded (as can be seen in the table below). Last year, we saw a special form of ransomware appear, the so-called Cryptolocker. This special form is feared by users and by the people responsible for security within an organization because it not only blocks the smartphone or tablet, as is the case with ransomware, but also encrypts all of the user's data on an infected device.

Our Android Malware Summary for the Year 2015

In 2015 our Mobile-Sandbox analyzed only 25,000 Android applications that were submitted by mostly anonymous users, anti-virus companies and ourselves. During the same period we had a long outage of the system (more than 4 months) due to some hardware defects and a lack of free time to get the system running again (I still hope to make it available to the public by the end of this month).

Most of these malicious applications had been downloaded from third-party markets and from potentially infected mobile devices. When looking at the malicious and unwanted applications and the corresponding families, one can see the following distribution of malicious behavior: