Slides and Live-Demo about CodeInspect from the CARO 2015 workshop are online

We gave a talk about CodeInspect at the CARO 2015 workshop in Hamburg. The slides and the live-demo (video) are available here: https://goo.gl/LblcR5

The main elements of the CodeInspect demo are:

  • Jimple manipulation
  • Interactive debugging
  • Hyperlinks in XML files (e.g., layout.xml or AndroidManifest.xml)
  • Java Source Code Enhancement

If you are interested in further videos about CodeInspect, you can find them here: http://sseblog.ec-spride.de/2014/12/codeinspect/

Enjoy!

An Investigation of the Android/BadAccents Malware

BadAccents Malware

Earlier this year, we reported on the Korean threat we identified in collaboration with McAfee Mobile Research. We have now released a technical report describing in detail the Android/BadAccents malware. Furthermore, we also describe a new tapjacking attack (also reported earlier this year) the malware exploited.

The technical report also describes the fix we submitted to the Android Security Team in January this year. Until now (approximately 4 month later), the official AOSP still doesn’t include the fix, meaning likely all Android versions are still vulnerable. Unfortunately, there is no real protection-mechanism for the user against this attack. A general recommendation from our side is the installation of apps from the official app stores and the usage of anti-virus applications (many AV vendors already detect this malware family).