Adding Trojans to Apps
Slides and projects at samsclass.info
Broken SSL: Repeating Old Work
CERT's Test in 2014
• 23,667 vulnerable apps
• All warned in 2014 by CERT
Still Vulnerable
Simple SSL Test
• Route Android traffic through Burp Proxy
• Don't install the PortSwigger root certificate
• This is a MITM attack
• The default browser detects it
DEMO: PicsArt (100 Million)
DEMO: InstaChat (100 Million)
DEMO: OKCupid – FIXED!
DEMO: Safeway (1 Million)
Broken SSL: Medical Apps
CERT found 265 Vulnerable Medical Apps
HIPAA
My Repeat of CERT Tests
DEMO: GenieMD
DEMO: LowestMed corporate
LowestMed Response
• Phone call to President of CCSF threatening a lawsuit
• After I contacted their lawyer, he told me that there is no PII in the app beyond this point, so it is not a covered entity under HIPAA
Broken SSL: Testing New Apps
Responsible Disclosure
• I need to give these guys time to respond, so most of them are still confidential
• I can discuss one, because they fixed it really fast!
Blue Cross Blue Shield of North Carolina
Leaked Blue Cross Credentials
• Also leaked Facebook, Twitter, and YouTube credentials
Fixed in Two Days
• New version refuses to use invalid SSL certificates
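The Burp test on the earlier slide and the fix on this one come down to one piece of client code: the certificate check. The Java below is an added example, not code from the slides or from any app named in them. It shows the trust-everything TrustManager that lets an interception proxy complete the handshake even when its root certificate is not installed on the device, beside two forms that refuse the connection: the platform trust store (the default an app gets if it simply does not override validation) and pinning to a CA bundled with the app. The URL and the resource name `server_ca.crt` are placeholders, not values from the page.

```java
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

public class TlsValidationExample {

    // VULNERABLE: the pattern that makes the "simple SSL test" succeed.
    // Every chain is accepted, so a proxy presenting its own certificate
    // gets a completed handshake and sees the plaintext traffic.
    static SSLContext trustEverythingContext() throws Exception {
        X509TrustManager acceptAll = new X509TrustManager() {
            public void checkClientTrusted(X509Certificate[] chain, String authType) { }
            public void checkServerTrusted(X509Certificate[] chain, String authType) { }
            public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
        };
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[] { acceptAll }, null);
        return ctx;
    }

    // FIXED (minimal): do not override validation at all. The platform trust
    // store rejects a certificate signed by a root the device does not trust.
    static SSLContext platformDefaultContext() throws Exception {
        return SSLContext.getDefault();
    }

    // FIXED (stricter): trust only the server's own CA, read from a bundled
    // resource (hypothetically res/raw/server_ca.crt). Any other issuer,
    // including a user-installed proxy root, is refused.
    static SSLContext pinnedContext(InputStream caCertPem) throws Exception {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        Certificate ca = cf.generateCertificate(caCertPem);
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(null, null);                       // empty in-memory store
        ks.setCertificateEntry("server-ca", ca);   // the single trusted issuer
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx;
    }

    // Returns true when the handshake is refused because the server's
    // certificate was not trusted; false when the connection went through.
    // With trustEverythingContext() this returns false behind an untrusted
    // proxy; with either fixed context it returns true.
    static boolean refusesUntrustedServer(SSLContext ctx, String urlString) throws IOException {
        HttpsURLConnection conn = (HttpsURLConnection) new URL(urlString).openConnection();
        conn.setSSLSocketFactory(ctx.getSocketFactory());
        // Keep the default HostnameVerifier: replacing it with one that
        // returns true is the same class of bug as acceptAll above.
        try {
            conn.connect();
            return false;
        } catch (SSLHandshakeException e) {
            return true;
        } finally {
            conn.disconnect();
        }
    }

    public static void main(String[] args) throws Exception {
        String url = "https://example.invalid/";  // placeholder, not a real target
        System.out.println("trust-all refuses untrusted server: "
            + refusesUntrustedServer(trustEverythingContext(), url));
        System.out.println("platform default refuses untrusted server: "
            + refusesUntrustedServer(platformDefaultContext(), url));
    }
}
```

The check an app store reviewer or a developer can run is the one the slides describe: with an interception proxy in the path and no proxy root installed on the device, the app must fail to connect. In this example that is `refusesUntrustedServer` returning true. Pinning as in `pinnedContext` goes one step further and also refuses a proxy root the user has installed, at the cost of having to ship a new build when the CA changes; on Android 7.0 and later the same pinning can be declared in the Network Security Config rather than in code.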
Security Products
AIG MobileGuard
• Security app required for insurance coverage
• Removed from Google Play after my reports
Already Trojaned
Local Storage of Sensitive Data
• Security Question
• Security Answer
• PIN
DEMO: MobileSuperHero (10,000)
• Logs the PIN
• Last update 12-13-12
DEMO: Virgin Mobile Rescue (100,000)
• Logs the PIN
• Last update 7-22-13
• Must uninstall Mobile Superhero to use it
DEMO: Rebound (50)
• Logs the PIN
• Last update 7-16-13
DEMO: Rebound Mobile Security (50)
• Logs the PIN
• Last updated 11-7-2013