Exposing Android white collar criminals

Friday 26 September 14:30 - 15:00, Red room.

Luis Corrons Panda Security

   This paper is available online (HTML, PDF).

Android has become the biggest mobile OS, and cybercriminals are taking advantage of this. One of the main ways to make money easily with the use of malware is through SMS premium services, turning our mobile devices into slot machines and skyrocketing our monthly phone bills. Until now, most of these trojans have reached Google Play simply posing as popular apps, such as Angry Birds, etc. - but during recent months new techniques have emerged, reaching a point where the trojan acknowledges that it is going to subscribe you to a premium SMS service... and users happily agree.

In this presentation we will show two different attack vectors used by two different local Spanish criminal gangs. We will show what social engineering techniques are used to get the permission to activate the premium SMS services - to (try to) avoid being prosecuted - and provide an analysis of the two trojan families, uncovering the different techniques used to perform their actions.

Taking advantage of their main weakness (trying to do things legally), we will unmask the real people behind these attacks.

Click here for more details about the conference.

Luis Corrons

Luis Corrons

Luis Corrons has been working in the security industry for more than 15 years, specifically in the anti-virus field. He is the Technical Director at PandaLabs, the malware research lab at Panda Security. Luis is a WildList reporter, member of the Board of Directors of AMTSO (the Anti-Malware Testing Standards Organization) and a member of the Board of Directors of MUTE (Malicious URLs Tracking and Exchange). He is also a top rated industry speaker at events like Virus Bulletin, HackInTheBox, APWG, Security BSides, etc. Luis also serves as liaison between Panda Security and law enforcement agencies, and has helped in a number of cybercriminal investigations.

@luis_corrons



twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.