Łukasz Siewierski

Talk: Android malware that won’t make you fall asleep

When I started my adventure with Android malware, I quickly discovered that the overwhelming majority of it uses more or less the same run-of-the-mill methods to do malicious actions. There was no finesse, no head scratching and no curse words coming to my mind when I analyzed it. So I started searching for something different. Something that would make me spend hours, days if not weeks analyzing and getting to the bottom of things. Quickly I discovered that there indeed are samples that use interesting methods, unique to Android, to fool the analyst, to make reversing harder or to simply hide some of the actions. This presentation is exactly about this – the interesting side of Android malware. There will be examples given, obfuscation tools presented and, above all, it will be confusing, as is my Android RE journey.

Bio:

Senior specialist in the Incident Response Team at CERT Polska. His main interest is the analysis of malware for the Windows and Android operating systems. He is also a member of the Polish Chapter of The Honeynet Project, where he is responsible for honeypot network maintenance, administration and data visualization. He has a special fascination with weird and uncommon malware.