On final you’ll get - BOOM! - an executable RAT tool, which is undetectable for antivirus's! Cool, hah? exe using tools like pyinstaller or kind of this. It's time to look into mobile security for your Android device.Almost all of these projects use a Python code. Not planning to do this yourself? Good! But I'm sure that like me you're shocked at how easily someone with bad intentions can create a brand new Android Trojan. In fact, virtually all of the examples referenced in Chien's presentation surfaced in the free-for-all markets of China. If you really want to spread a dangerous program, you're better off uploading it in China, where there is no official Android market. Of course, malicious apps don't last long in the Android Market. Compile the modified app and upload it to the market. Chien added "FREE!" to the name for his demo.įive. While you're at it, tweak the app's name. You copy it into the folder containing the existing source code, make a small change in the manifest to run the Trojan code before the rest of the app, and edit the permissions to give the Trojanized app free access to the entire device. Adding the Trojan code is absurdly simple. For the demonstration, Chien used a known threat called Android.Geinimi.įour. You'll need to obtain Java source code that does something nasty, like sending personal information from the device to a third party. For the next step, decompile your target app. Android apps are written in Java, though, and that means that you can decompile them back to the original source code using simple, easily-available tools. It's a one-way translation there's no way to go from the final executable file back to the source code. The language compilers that create applications on your PC take textual source code and convert it into assembly language that the CPU can read and process. You can choose any app at all, but of course you'll want to pick something that will draw plenty of downloads. Here are the five simple steps Chien demonstrated: Don't worry his sample app never left the room. Eric Chien, Technical Director for Security Response, revealed the absurdly simple steps a malefactor uses to create a brand-new Trojan by creating one right in front of the audience.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |