Stego-malware in Google Play. Findings and limitations

Friday 2 October 14:30 - 15:00, Small talks

Alfonso Muñoz (11paths - Telefonica)
Antonio Guzmán (11paths - Telefonica)

The significance of the side-channels in cybersecurity has led the evolution of some of the most recognized threats in recent years. These side-channels are usually employed to send or receive data and they can be defined in several ways. However, sometimes they require some subterfuge to hide the real purpose of the information. In this contribution we explore the potential of a known technique, called steganography, to exploit different mobile application stores as side-channels. Two alternatives have been explored: the propagation of stego-malware in these app stores and the possibility to develop an APT using these hidden channels. Focusing on the usage of images to hide payloads, our tests show that stego-malware is a real problem. We have analysed more than 2 million apps and over 7 million potential stego-images. And we can demonstrate that, with current steganalysis technology, it is feasible to use these app stores as side-channels.

Click here for more details about the conference.

Alfonso Muñoz

Alfonso Muñoz

Alfonso Muñoz (CISA, CEH, CHFI) has been working for over 10 years in security, in a variety of capacities (including intelligence, cryptanalysis and network and system security) in European companies and public organizations. He is an expert in surveillance technologies and data protection (cryptography, steganography, etc.). He has published more than 50 academic papers about security and privacy (IEEE, ACM,...). Alfonso is a regular conference speaker on the subjects of security (STIC CCN-CERT, Virus Bulletin, DEEPSEC, HackInTheBox, RootedCon, NoConName, GsickMinds).
Antonio Guzmán

Antonio Guzmán

Antonio Guzmán received his Ph.D. in computer engineering from Rey Juan Carlos University. From 2000 to 2013 he was an assistant teacher and researcher at the Rey Juan Carlos University, Spain, working in the computer architecture deparment. In 2005, he co-founded of the group of investigation Gaap (http://www.gaapsoluciones.es/), where he led the investigation efforts on security and privacy. Guzmán is author of many articles in journals, symposiums and conferences of impact (e.g IEEE, ACM, etc) and important security conferences (e.g. Defcon, Blackhat, etc). Since May 2013, Antonio Guzmán has set the teaching aside and he has focused on privately funded research on security. Nowadays, he is head of the research area in Eleven Paths, a Telefonica company, where he has filled more than 8 patents (http://www.elevenpaths.com).


twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.