The Android operating system has overthrown the mobile ecosystem, and has taken no prisoners. You can barely walk down the street these days, without seeing consumers completely glued to the screens of their devices. This is the age of instant, unadulterated access to the Internet, email, music and social networking. And Android has become that leading gateway. This rise in the mobile technologies has brought about a new era in information security and privacy. Since its inception, Android has been the target of exploit developers and malware connoisseurs. Recently, we have seen researchers discover a significant bug within multiple versions of the Android OS, allowing attackers to hijack Android’s package installation process and stealthily install malware to a user’s device. The Google Play store is an exploding market for newly developed applications that serve whatever functionality a user could desire. With this kind of spotlight on Android, there has become an ever-evolving cycle in finding the next critical vulnerability in the operating system, analyzing a piece of complex mobile malware, or developing a root for your favorite device. QuarksLab, an information security firm, used such techniques in order to find a subtle vulnerability in Samsung’s KNOX. The MDM client could be abused through the data schemes it had registered within the application in order to have an unsuspecting victim download a malicious application to their device. These types of flaws garnish a high level of impact when considering the market presence of Android devices. Without a doubt, vulnerabilities like the one impacting Samsung KNOX, are becoming exceedingly more present with a first to market mantra being assumed by vendors rapidly designing new software for the Android platform. In the pursuit of developing practitioners in the mobile security space, I'll be giving an introductory look into what it takes to begin reverse engineering Android applications at BSidesSF. The goal will be to teach a methodology using a suite of techniques and tools, which will help you break apart a legitimate or malicious application. This training will help each of its attendees to step out into the world of bug hunting, and malware analysis on the Android platform.
About the Author: Benjamin Watson is a Lead Security Researcher at VerSprite. When he is not pumping iron and snorting ground coffee beans, his time is focused on mobile security, embedded systems, reverse engineering and exploit development. Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
