"Unmasking the Godfather - Reverse Engineering the Latest Android Banking Trojan" by Laurie Kirk

Sdílet
Vložit
  • čas přidán 8. 10. 2023
  • Banking malware has wreaked havoc on millions of Android users over the last few years, employing advanced stealth techniques to evade detection. During this presentation, I will reverse engineer the Java code of the pervasive Godfather Android banking malware demonstrating how to recognize its modern devious tactics. The Godfather malware surfaced towards the end of 2022 as another family dedicated to stealing banking data and funds from victims. Initial infection spawns from abuse of core Android system services and accomplish their theft by spying on infected devices, exfiltrating data, or performing remote device commands. Some banking trojans even generate fake HTML overlays designed to trick users into willingly entering credentials. But don’t worry, I’m not just here to scare you! By the end of this talk, you will thoroughly understand the Godfather’s deceptive functionality and likely think twice before granting an application extra permissions.
    Laurie Kirk
    Reverse Engineer at Microsoft
    @lauriewired
    I currently work as a Security Researcher at Microsoft in incident response. I specialize in cross-platform malware analysis with a focus on mobile threats. I also run a CZcams channel (@LaurieWired) that covers all sorts of in-depth Malware Analysis, Reverse-Engineering, Exploitation and security topics. / @lauriewired I worked as a Software Engineer for an aerospace company before finding my current calling in Cyber Security. I received my Bachelor's Degree from Florida State University in Computer Science with a minor in Math. There, I dove into learning computer architecture, algorithms, and my favorite, low-level programming.
    ----
    Recorded Sept 22, 2023 at Strange Loop 2023 in St. Louis, MO.
    thestrangeloop.com
  • Věda a technologie

Komentáře • 8

  • @Caminante-blanco
    @Caminante-blanco Před 20 hodinami

    This was super helpful and well explained!

  • @ArthurAGleckler
    @ArthurAGleckler Před 8 měsíci +14

    What a great talk! This is the best presentation I've seen on reverse-engineering malware for those of us who are technically proficient, but not steeped in this subfield. Thanks.

  • @SkyHighBeyondReach
    @SkyHighBeyondReach Před 7 dny

    Thanks these videos were incredibly helpful

  • @ofeki4533
    @ofeki4533 Před 5 měsíci +1

    Great talk! best I've ever seen on this topic
    Thanks🙌

  • @AnHourOfWolves
    @AnHourOfWolves Před 8 měsíci +4

    Great presentation, enjoyed it! Thanks for posting.

  • @doremi8889
    @doremi8889 Před 7 měsíci

    This is an amazing talk! Really loved it! Could this sample be downloaded from somewhere, so we can follow along while watching?

  • @break8090
    @break8090 Před 6 měsíci +3

    Thanks for Laurie ❤

  • @nbme-answers
    @nbme-answers Před 8 měsíci +3

    great introduction to breaking down an app !

Další v pořadí
Automatické přehrávání
"The Economics of Programming Languages" by Evan Czaplicki (Strange Loop 2023)43:58"The Economics of Programming Languages" by Evan Czaplicki (Strange Loop 2023)
"The Economics of Programming Languages" by Evan Czaplicki (Strange Loop 2023)Strange Loop Conference
zhlédnutí 118K
Kaspersky vs 2000 Malware12:42Kaspersky vs 2000 Malware
Kaspersky vs 2000 MalwareThe PC Security Channel
zhlédnutí 203K
DEF CON 23 - Chris Domas - Repsych: Psychological Warfare in Reverse Engineering38:49DEF CON 23 - Chris Domas - Repsych: Psychological Warfare in Reverse Engineering
DEF CON 23 - Chris Domas - Repsych: Psychological Warfare in Reverse EngineeringDEFCONConference
zhlédnutí 160K
La la la la 🤣🥰❤️ #demariki00:12La la la la 🤣🥰❤️ #demariki
La la la la 🤣🥰❤️ #demarikiDemariki
zhlédnutí 23M
Instagram: Why are the Bad Boys always doing the most? 😂🚪🔒 #badboys00:49Instagram: Why are the Bad Boys always doing the most? 😂🚪🔒 #badboys
Instagram: Why are the Bad Boys always doing the most? 😂🚪🔒 #badboysKhaby. Lame
zhlédnutí 14M
Bringing a new meaning to hill sprints 😮‍💨 #hardenduro01:00Bringing a new meaning to hill sprints 😮‍💨 #hardenduro
Bringing a new meaning to hill sprints 😮‍💨 #hardenduroRed Bull Motorsports
zhlédnutí 8M
Who says Goldman Statue is not getting kisses at work?😎 #performer #livingstatue #streetart00:20Who says Goldman Statue is not getting kisses at work?😎 #performer #livingstatue #streetart
Who says Goldman Statue is not getting kisses at work?😎 #performer #livingstatue #streetartSilverman Statue Official
zhlédnutí 41M
DEF CON 31 - Runtime Riddles - Abusing Manipulation Points in the Android Source - Laurie Kirk41:59DEF CON 31 - Runtime Riddles - Abusing Manipulation Points in the Android Source - Laurie Kirk
DEF CON 31 - Runtime Riddles - Abusing Manipulation Points in the Android Source - Laurie KirkDEFCONConference
zhlédnutí 11K
Better than Lab? Gamut reduction CIE Lab & OKLab - Chris Lilley (W3C)20:28Better than Lab? Gamut reduction CIE Lab & OKLab - Chris Lilley (W3C)
Better than Lab? Gamut reduction CIE Lab & OKLab - Chris Lilley (W3C)W3C
zhlédnutí 3,7K
Dynamically Analyzing Linux Black Basta Ransomware24:33Dynamically Analyzing Linux Black Basta Ransomware
Dynamically Analyzing Linux Black Basta RansomwareLaurieWired
zhlédnutí 17K
Deciphering Obfuscated JavaScript Malware31:12Deciphering Obfuscated JavaScript Malware
Deciphering Obfuscated JavaScript MalwareLaurieWired
zhlédnutí 64K
What Does a Former Black Hat Hacker Carry Everyday?27:05What Does a Former Black Hat Hacker Carry Everyday?
What Does a Former Black Hat Hacker Carry Everyday?Shawn Ryan Show
zhlédnutí 395K
I don't understand why people buy Steam Decks...22:11I don't understand why people buy Steam Decks...
I don't understand why people buy Steam Decks...Zac Builds
zhlédnutí 727K
"Concatenative programming and stack-based languages" by Douglas Creager40:30"Concatenative programming and stack-based languages" by Douglas Creager
"Concatenative programming and stack-based languages" by Douglas CreagerStrange Loop Conference
zhlédnutí 12K
Learn Reverse Engineering (for hacking games)7:26Learn Reverse Engineering (for hacking games)
Learn Reverse Engineering (for hacking games)cazz
zhlédnutí 974K
So You Think You Know Git - FOSDEM 202447:00So You Think You Know Git - FOSDEM 2024
So You Think You Know Git - FOSDEM 2024GitButler
zhlédnutí 972K
How charged your battery?00:14How charged your battery?
How charged your battery?V.A. show / Магика
zhlédnutí 3,7M
$30 vs $350 Microphone00:42$30 vs $350 Microphone
$30 vs $350 MicrophoneNathan Espinoza
zhlédnutí 3,1M
iPhone 12 socket cleaning #fixit00:30iPhone 12 socket cleaning #fixit
iPhone 12 socket cleaning #fixitTamar DB (mt)
zhlédnutí 21M
14 most AWKWARD Tech Fails of all time28:2114 most AWKWARD Tech Fails of all time
14 most AWKWARD Tech Fails of all timeMrwhosetheboss
zhlédnutí 6M
НЕЛЕПЫЙ ФЕЙЛ при замене гнезда на Usb-c в Xiaomi Redmi AirDots #wireless #mi #redmi00:58НЕЛЕПЫЙ ФЕЙЛ при замене гнезда на Usb-c в Xiaomi Redmi AirDots #wireless #mi #redmi
НЕЛЕПЫЙ ФЕЙЛ при замене гнезда на Usb-c в Xiaomi Redmi AirDots #wireless #mi #redmiYUKI
zhlédnutí 8M
They Turned off this GPU Factory For Me!15:31They Turned off this GPU Factory For Me!
They Turned off this GPU Factory For Me!Linus Tech Tips
zhlédnutí 809K
Why I'm buying a $500 phone instead of a $1000 one00:11Why I'm buying a $500 phone instead of a $1000 one
Why I'm buying a $500 phone instead of a $1000 oneSixxuaYT
zhlédnutí 1,5M
don't throw your faulty fan00:24don't throw your faulty fan
don't throw your faulty fanAB Electric
zhlédnutí 612K