Verifying Malware Scanning Utilizing Linux (Ubuntu)

Ubuntu Linux's free built-in capability can natively mount Android phone images so that they can be examined and scanned for malware with common anti-virus software such as AVG. However, mounting the Android image and scanning it for malware requires a number of steps that may not be intuitive to all users. This demonstration provides a step-by-step process that all users can comfortably use in future examinations, including as a supplement to verify the malware scanning utilities of commercial mobile forensic tools.

Presentation Transcript

  • BRIDGING TRADITIONAL INVESTIGATIONS WITH TECHNOLOGY INNOVATIONS
  • MEET THE TEAM
      • Desiree McGovern – President and Co-Founder
      • Pete McGovern – Chief Executive Officer and Co-Founder
      • Carlos Cajigas – Training Director and Senior Forensic Analyst
  • WHAT WE DO
    EPYX Forensics assists clients with investigations where electronically stored information (ESI) or monetary issues are relevant.
      • Digital Forensics
      • Forensic Accounting
      • Expert Testimony
      • Training
  • Objectives
      • Mount an Android Image using Linux
      • Compare AVG, Clam and BitDefender scans
  • Android Market Share
      • Android has 75 percent of the smartphone market
    Source: ZDNet.com
  • Mobile Malware
      • In 2012 malware increased by 580%
      • Over 30,000 pieces of malware so far.
    Source: TrustGo
  • Top 3 Most Dangerous Apps
      • Talking Tom Cat Free – 50,000,000 Downloads
          • Sends phone # & device ID to 3rd party
      • Guitar: Solo Lite – 10,000,000 Downloads
          • Captures phone number to be sold.
      • Brightest Flashlight Free – 10,000,000 Downloads
          • Modify homepage & bookmarks, create shortcuts
    Source: TrustGo
  • Permissions
      • Talking Santa – 10,000,000 Downloads
          • Sends phone # & device ID to 3rd party
    Source: play.google.com
  • Talking Santa
    Source: play.google.com
  • Google’s play Top 500
      • 175,000,000 downloads of High Risk apps
    Source: TrustGo
  • Infected? How do you know?
      • Scan with CelleBrite
      • CelleBrite uses BitDefender
  • Scan with CelleBrite
      • Results: 331 Infected files
  • Enter Torrent
      • www.virushare.com
      • A repository of malware samples
      • 6.24GB torrent (May 2013): http://t.co/oklyE1SRHV
      • 11,080 apk’s deemed to be malware
  • Scan with AVG
      • 11,080 files scanned
      • 456 infections found
  • Scan with Clam
      • 11,080 files scanned
      • 5716 infections found
  • Scan with BitDefender
      • 856610 files scanned
      • 16748 infections found
  • Enter Linux
      • Can mount Android Images with an Ext3/4 file system natively using Linux
      • Physical acquisitions from Cellebrite and MPE+.
      • DMG images from LanternLite (HFSX)
  • Mounting Android Images
  • Carlos Cajigas - Contact Information
      • www.epyxforensics.com
      • carlos@epyxforensics.com
      • (800) 996-9420
      • @Carlos_Cajigas
    LET’S STAY CONNECTED
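
The read-only mount and scan that the "Enter Linux" and "Mounting Android Images" slides refer to could look like this with ClamAV. This is an added example, not the presenter's own procedure; the image path, partition number, mount point and log path are assumed arguments, and the sample summary is constructed from the figures on the "Scan with Clam" slide.

```shell
#!/bin/sh
# Added example, not from the slides. Image path, partition number, mount point
# and log path are hypothetical arguments. Run as root on an analysis host.

# Print "<scanned> <infected>" from the summary clamscan writes to its log.
summary_counts() {
    awk -F': ' '/^Scanned files:/ {s=$2} /^Infected files:/ {i=$2}
                END {print s+0, i+0}' "$1"
}

# scan_image IMAGE PART MNT LOG   (PART=0: the image is a single bare filesystem)
scan_image() {
    image=$1; part=$2; mnt=$3; log=$4
    # Hash first so the report can show the evidence file was not altered.
    before=$(sha256sum "$image" | cut -d' ' -f1)
    # Read-only loop device; -P exposes partitions as <loopdev>pN.
    loopdev=$(losetup --find --show --read-only -P "$image") || return 1
    dev=$loopdev
    if [ "$part" != 0 ]; then dev="${loopdev}p${part}"; fi
    mkdir -p "$mnt"
    # noload skips ext3/4 journal replay; noexec/nodev/nosuid keep anything
    # on the phone image from running or being honoured on the analysis host.
    if ! mount -o ro,noload,noexec,nodev,nosuid "$dev" "$mnt"; then
        losetup -d "$loopdev"
        return 1
    fi
    # clamscan exits 1 when it finds something: a result, not a failure.
    clamscan --recursive --infected --log="$log" "$mnt" || [ $? -eq 1 ]
    umount "$mnt"
    losetup -d "$loopdev"
    after=$(sha256sum "$image" | cut -d' ' -f1)
    [ "$before" = "$after" ] || { echo "image hash changed" >&2; return 2; }
    summary_counts "$log"
}

# Constructed sample of a clamscan log summary, for trying summary_counts offline.
sample_summary() {
    cat <<'EOF'
----------- SCAN SUMMARY -----------
Scanned directories: 1
Scanned files: 11080
Infected files: 5716
EOF
}

if [ $# -eq 4 ]; then scan_image "$@"; fi
```

Running the same mounted tree through a second scanner and comparing the two counts is what turns this into a cross-check of a commercial tool's result.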