It's everywhere in the news, and I couldn't resist trying to figure out how it works. I think I roughly found out, but we'll have to wait for Karsten Nohl's presentation at BlackHat to see if I was right :)

Getting ciphertexts

Mobile phones are capable of receiving OTA (Over The Air) commands ('update', 'get status'...) in the form of SMS messages sent by their service provider. Fortunately, those messages support encryption and integrity checks. More specifically, the secure packet header specifies the algorithm and key set identifier to use...
by Axelle Apvrille  |  Jul 24, 2013  |  Filed in: Security Research
Since the beginning, the malicious Android DroidKungFu family has shown technologically advanced features (see one of our previous posts on DroidKungFu). The recent versions of the malware (versions F and G) follow the same trend: they are now experimenting with ways to hide their malicious behavior in native executables, and additionally encrypt string constants within these. For instance, variant F, which has been found to trojan some samples of the famous Cut the Rope game, runs a service named UpdateCheck whose first task is to...
by Axelle Apvrille  |  May 11, 2012  |  Filed in: Security Research