axelle


Tomorrow starts the quite famous - and ever sold-out - security conference Shmoocon, held in Washington DC until Sunday. The keynote this year will be filled by Peiter Mudge Zatko, inventor of L0phtcrack and early pioneer of buffer overflows. Among the talks filling the tri-tracks program (Build it / Break it / Bring it on), we're glad to find our Crypto Girl, Axelle, who will present a paper she co-wrote with Kyle Yang (another regular poster on this blog) on the infamous mobile phone malware Zitmo, that we discovered (simultaneously with Spanish... [Read More]
by RSS Guillaume Lovet  |  Jan 27, 2011  |  Filed in: Security Research
The more I analyze the SymbOS/Album malware, the more it scares me. The main malicious executable, Album.exe, is actually capable of processing incoming commands included in SMS messages sent by the value-added service provider number 106650xxx. Typical commands are: download and install software, get phone information or update software. Now, that starts to look like a botnet, even though it isn't (yet?) a very scalable way to communicate with bots because the bot master must send an SMS to each bot it manages. More in details, the Album... [Read More]
by RSS Axelle Apvrille  |  Jul 15, 2010  |  Filed in: Security Research