"Android Security" - Link- und Literaturverzeichnis
Dipl.-Inform. Carsten Eilers
"Android Security" - Link- und Literaturverzeichnis
Kapitel 1: Android im Visier der Cyberkriminellen
- [1] Carsten Eilers: "Sicher, sicherer, iOS?", Mobile Technology 4.2012
- [2] Robert Lipovsky, ESET We live security: "ESET Analyzes First Android File-Encrypting, TOR-enabled Ransomware"
- [3] Simon Bell: "How To Dissect Android Simplelocker Ransomware"
- [4] Simon Bell: "Creating An Antidote For Android Simplelocker Ransomware"
- [5] Carsten Eilers: "GameOver Zeus - Der Name eines Botnets wird zum Programm"
- [6] Kevin Mahaffey, Lookout Blog: "Security Alert: DroidDream Malware Found in Official Android Market", 1.3.2011
- [7] Vanja Svajcer, Sophos Naked Security: "Aftermath of the Droid Dream Android Market malware attack", 3.3.2011
- [8] Rich Cannings, Google Mobile Blog: "An Update on Android Market Security", 5.3.2011
- [9] Rich Cannings, Tim Bray; Android Developers Blog: "Exercising Our Remote Application Removal Feature", 23.6.2010
- [10] Graham Cluley, Sophos Naked Security: "Android malware clean-up exposes reliance on mobile carriers to push out updates", 7.3.2011
- [11] Jon Oberheide, Duo Security Blog: "Early Results from X-Ray: Over 50% of Android Devices are Vulnerable", 12.9.2013
- [12] Paul Roberts, Sophos Naked Security: "More than half of Androids have unpatched security holes, research claims", 17.9.2012
- [13] Graham Cluley, Sophos Naked Security: "Apple: Androids are much less likely to be running an up-to-date OS than iPhones and iPads", 11.6.2012
- [14] Graham Cluley, Sophos Naked Security: "Fake Instagram app infects Android devices with malware", 18.4.2012
- [15] Graham Cluley, Sophos Naked Security: "The Legend of Zelda and dirty tricks by Android apps in the Google Play store", 26.4.2012
- [16] Graham Cluley, Sophos Naked Security: "Fake Apple apps appear on Android Google Play store", 19.11.2012
- [17] Graham Cluley, Sophos Naked Security: "Fake Plants vs Zombies and other Android games infiltrate Google Play store, make money for fraudsters", 21.1.2013
- [18] Sean Sullivan, F-Secure Blog: "Bad Bad Piggies On Google Play", 12.6.2013
- [19] Vanja Svajcer, Sophos Naked Security: "Fake Android Market Security tool delivers more than just a cure for Droid Dream malware", 10.3.2011
- [20] Carsten Eilers: "Angst einflößende Schadsoftware: Scareware", 4.11.2010
- [21] Jovi Umawing, ThreatTrack Security Labs: "New Twitter Spam Run Leads to Android Rogue AV", 14.5.2012
- [22] Graham Cluley, Sophos Naked Security: "Fake anti-virus disguises used by Android malware", 16.5.2012
- [23] Karmina, F-Secure Blog: "Perfecting the Fake - Android Edition", 4.9.2012
- [24] SecResponse, F-Secure Blog: "Not the Mobile Antivirus You Were Looking For", 6.6.2013
- [25] Paul Ducklin, Sophos Naked Security: "Android malware in pictures - a blow-by-blow account of mobile scareware", 31.5.2013
- [26] Graham Cluley, Sophos Naked Security: "New Android Trojan horse could prove costly", 16.2.2011
- [27] Vanja Svajcer, Sophos Naked Security: "Malicious cloned games attack Google Android Market", 12.12.2011
- [28] ThreatSolutions (Irene), F-Secure Blog: "Trojan:Android/OpFake.D Still Encodes Its Config File", 31.1.2012
- [29] Graham Cluley , Sophos Naked Security: "Android malware poses as Angry Birds Space game", 12.4.2012
- [30] Sean Sullivan, F-Secure Blog: "Trojan:Android/Pincer.A", 5.4.2013
- [31] Carsten Eilers: "Zeus - Trojaner, Botnet, Schädlingsbaukasten, ...", 17.3.2011
- [32] Carsten Eilers: "Zeus wird mobil - jetzt auch auf Android", 14.7.2011
- [33] Vanja Svajcer, Sophos Naked Security: "SpyEye targeting Android users - just a copy of Zeus's strategy?", 16.9.2011
- [34] Polizei Berlin: "Präventionshinweis für Onlinebanking im mTAN-Verfahren", 13.11.2012
- [35] Graham Cluley, Sophos Naked Security: "Banking malware found on Android Marketplace", 11.1.2010
- [36] Carsten Eilers: "Drive-by-Infektionen - Gefahren drohen überall", 8.7.2010
- [37] Vanja Svajcer, Sophos Naked Security: "Android malware spreads via Facebook [VIDEO]", 24.2.2012
- [38] Chester Wisniewski, Sophos Naked Security: "Notcom malware for Android distributed using drive-by downloads", 3.5.2012
- [39] Sean Sullivan, F-Secure Blog: "Video: Angry Birds Space Trojan & Drive-by Android", 18.5.2012
- [40] Jaikumar Vijayan, Computerworld: "Remote access tools a growing threat to smartphones", 1.3.2012
- [41] George Kurtz, Dmitri Alperovitch; RSA Conference 2012: "Hacking Exposed: Mobile RAT Edition", Februar 2012:
Video
und Präsentation als
PDF
- [42] Graham Cluley, Sophos Naked Security: "8000 iPhone and Android users duped into joining smartphone botnet", 9.3.2010
- [43] Chester Wisniewski Sophos Naked Security: "Android botnet wants to sell you Viagra, penny stocks and e-cards", 5.7.2012
- [44] Chester Wisniewski, Sophos Naked Security: "Android spam bots? What we know for sure", 6.7.2012
- [45] Vanja Svajcer, Sophos Naked Security: "What is worse on Android? Malware or PUAs?", 13.9.2012
- [46] Sean Sullivan, F-Secure Blog: "Google Play: Potentially Unwanted", 11.3.2013
- [47] Vanja Svajcer, Sophos Naked Security: "A chink in Android Armour", 10.1.2013
- [48] Hiroshi Lockheimer, Google Mobile Blog: "Android and Security", 2.2.2012
Kapitel 2: Androids Sicherheit aus Forschersicht
- [1] Alex Kirk, "Hack in the Box" Malaysia 2011: "Mobile Malware Analysis"
(Präsentation als PDF)
- [2] Mahmud Ab Rahman, "Hack in the Box" Malaysia 2011: "Reverse Engineering Android Malware"
(Präsentation als PDF)
- [3] Kevin Mahaffey, The Official Lookout Blog: "Security Alert: DroidDream Malware Found in Official Android Market"
- [4] Carsten Eilers: "Zeus wird mobil - jetzt auch auf Android"
- [5] Carsten Eilers: "Die smsTAN ist tot, der SMS-Dieb schon da!"
- [6] Paul Sabanal, "Hack in the Box" Amsterdam 2014: "State of the ART: Exploring the New Android KitKat Runtime"
- [7] Carsten Eilers: "Schutzmaßnahmen: ASLR gegen Pufferüberlauf-Schwachstellen"
- [8] Collin Mulliner, "Hack in the Box" Malaysia 2013: "Android DDI: Dynamic Dalvik Instrumentation of Android Applications and Framework"
- [9] Collin Mulliner: ddi - Dynamic Dalvik Instrumentation Toolkit
- [10] Jeff Forristal, Black Hat USA 2013: "Android: One Root to Own Them All"
- [11] Brian Donohue, ThreatPost.com: "Android Master Key Malware Emerged Before Official Patch Details"
- [12] Dennis Fisher, ThreatPost.com: "Jeff Forristal on the Android Master-Key Vulnerability"
- [13] Anthony Lineberry, Tim Strazzere, Tim Wyatt; Black Hat USA 2011: "Don't Hate the Player, Hate the Game: Inside the Android Security Patch Lifecycle"
- [14] Tim Wyatt: "Inside the Android Security Patch Lifecycle"
- [15] Lookout Mobile Threat Report 2011, Abschnitt "Platform Vulnerabilities + Patching"
- [16] Marcus Niemietz, Black Hat Abu Dhabi 2012: "UI Redressing Attacks on Android Devices"
- [17] Marcus Niemietz, Black Hat Asia 2014: "UI Redressing Attacks on Android Devices Revisited"
- [18] Carsten Eilers: "Clickjacking - Angriffe auf Seiten ohne Schwachstellen"
- [19] Ajit Hatti, Black Hat Europe 2013: "Lets Play Applanting..."
- [20] George Hotz (Geohot): Towelroot
- [21] George Hotz (Geohot), xda-developers Forum: "I'm throwing a party and you should come **GS5 ROOT THREAD**"
- [22] CVE-2014-3153
- [23] Kees Cook, oss-sec Mailing List: "Re: Linux kernel futex local privilege escalation (CVE-2014-3153)"
- [24] Victor van der Veen, "Hack in the Box" Malaysia 2013: "TraceDroid: A Fast and Complete Android Method Tracer"
(Präsentation als PDF)
- [25] Alexandra Dmitrienko, Ahmad Sadeghi, Christopher Liebchen, Lucas Davi; Black Hat Abu Dhabi 2012: "Over-the-Air Cross-platform Infection for Breaking mTAN-based Online Banking Authentication"
- [26] Charlie Miller, Black Hat USA 2012: "Don’t stand so close to me - An analysis of the NFC attack surface"
- [27] Charlie Miller, "Hack in the Box" Malaysia 2012: "Don’t Stand So Close to Me: An Analysis of the NFC Attack Surface"
(Präsentation als PDF)
- [28] Daniel Peck, Black Hat USA 2013: "Abusing Web APIs Through Scripted Android Applications"
Kapitel 3: Vom Smartphone zum Spy Phone
- [1] Barton Gellman, Ashkan Soltani; The Washington Post: "NSA tracking cellphone locations worldwide, Snowden documents show"
- [2] The Washington Post: "FASCIA: The NSA's huge trove of location records"
- [3] Malte Spitz: "Sechs Monate meines Lebens in 35.000 Datensätzen"
- [4] Kai Biermann, Zeit Online: "Was Vorratsdaten über uns verraten"
- [5] Lorenz Matzat, Zeit Online: "Malte Spitz’ Vorratsdaten: Der Datensatz unter der Lupe"
- [6] Zeit Online: Verräterisches Handy
- [7] Ranga Yogeshwar: "Mein digitaler Verrat"
- [8] Kevin McNamee: "How To Build a SpyPhone"
- [9] Github: DesignativeDave / androrat - Remote Administration Tool for Android devices
- [10] Andrea Lelli, Symantec: "Remote Access Tool Takes Aim with Android APK Binder"
- [11] Handy-Überwachungs-Software - Handy Spyware - mSpy
- [12] Lisa Vaas, Sophos Naked Security: "mSpy app lets someone remotely snoop on you through your phone or tablet"
- [13] Daniel Brodie, Michael Shaulov; Black Hat USA 2013: "A Practical Attack against MDM Solutions"
- [14] Daniel Brodie, Michael Shaulov; Black Hat Europe 2013: "Practical Attacks against Mobile Device Management (MDM) Solutions"
- [15] Brendan O'Connor; Black Hat USA 2013: "CreepyDOL: Cheap, Distributed Stalking"
- [16] Brendan O'Connor: "CreepyDOL"
- [17] Dan Goodin; Ars Technica: "DIY stalker boxes spy on Wi-Fi users cheaply and with maximum creep value"
- [18] Lisa Vaas, Sophos Naked Security: "Nordstrom tracking customer movement via smartphones' WiFi sniffing"
- [19] Angela Martin, CBS Dallas / Fort Worth: "Nordstrom Using Smart Phones To Track Customers Movements"
- [20] Mark Stockley, Sophos Naked Security: "Is your smartphone broadcasting your movements when you shop?"
- [21] Brian Fung; The Washington Post: "How stores use your phone’s WiFi to track your shopping habits"
- [22] Lisa Vaas, Sophos Naked Security: "London says media company's spying rubbish bins stink"
- [23] Dennis Fisher; Threatpost: "Apple Starts iBeacon Tracking System in Stores"
- [24] Tom Ritter, Doug DePerry, Andrew Rahimi; Black Hat USA 2013: "I can hear you now: Traffic interception and remote mobile phone cloning with a compromised CDMA Femtocell"
- [25] Tom Ritter, iSEC Partners Blog: "Femtocell Presentation Slides, Videos and App"
- [26] Github: iSECPartners / femtocatcher
- [27] Victor Chebyshev, Kaspersky: "Mobile attacks!"
Zurück