SlideShare a Scribd company logo

How to Protect Mobile Banking Users from BankBot

Download as PPTX, PDF
Zimperium
Zimperium

BankBot is Android-targeting malware using fake overlay screens to mimic existing banking apps to fool users and steal credentials. The newest BankBot variants target over 150 legitimate apps from banks based in 27 different countries. BankBot has evolved to intelligently target users based on geography, apps, and advanced Two-Factor Authentication in order to mislead users.

Technology
1 of 19
0All Rights Reserved © 2017 ZL1022817 JT Keating Vice President of Product Strategy
1All Rights Reserved © 2017 BankBot
2All Rights Reserved © 2017 BankBot M o b i l e T h r e a t s A r e R e a l … Phase 1 Phase 3 Phase 2
3All Rights Reserved © 2017 User Installs Utility App Containing BankBot1
4All Rights Reserved © 2017 2
5All Rights Reserved © 2017 3 BankBot Receives Template from C&C
6All Rights Reserved © 2017 3 BankBot Receives Template from C&C
7All Rights Reserved © 2017 4 BankBot Monitors For Target App Launch
8All Rights Reserved © 2017 5 BankBot Displays Fake Overlay
9All Rights Reserved © 2017 6 User Provides Credentials to BankBot
10All Rights Reserved © 2017 7 Unique Variation for UAE Banks • Before it shows the overlay page, BankBot requests the user’s phone number. • The C&C server sends a pin code to the victim. • After entering the pin, the victim is instructed to input bank details (two times, to make sure the attacker has valid credentials).
D, N & A are Not Created Equally Device Attacks THE Sole Objective for Persistent Foothold Network Attacks The Primary Mechanism for Targeted Attacks Application Attacks Untargeted, Advertising & Fraud Threats
12All Rights Reserved © 2017 BankBot Can Do Even More… • Sending and intercepting SMS messages • Making calls • Tracking infected devices • Stealing contacts
13All Rights Reserved © 2017 Manually Analyzing Apps is Futile M o b i l e T h r e a t s A r e R e a l … Source: Statista, Zimperium 0 500000 1000000 1500000 2000000 2500000 3000000 3500000 4000000 4500000 Sep-17 Oct-17 Nov-17 Dec-17 Jan-18 Feb-18 Mar-18 Apr-18 May-18 Jun-18 Jul-18 Aug-18 Sep-18 Oct-18 Nov-18 Dec-18 Jan-19 Feb-19 Mar-19 Apr-19 May-19 Apps Needing Analysis App Research Capacity AppsinAppStore
z9™ detection engine uses machine learning to provide real-time, on-device protection against both known and unknown threats Network Attacks Application AttacksDevice Attacks PATENTED DETECTION ENGINE
15All Rights Reserved © 2017 Zimperium MTD Platform Enterprise Dashboard, Forensics, Administration Advanced App Analysis: Threat, Risk & Privacy Detect and prevent threats to Mobile Devices Generate Self-Protecting Mobile Apps Via an SDK
16All Rights Reserved © 2017 zIAP™ – World class In-App Protection All the DNA detection capabilities of z9 to detect: ❯ Standard use cases, e.g., jailbreak detection ❯ Sophisticated attacks that let hackers: ❯ Steal data ❯ Log keystrokes ❯ Hijack network connections ❯ Read your app’s memory and files ❯ Jeopardize privacy
17All Rights Reserved © 2017 Thwarting BankBot Embedded in an app that is attacked by malware including BankBot, zIAP detects the threat and can immediately terminate the session and/or flag the account for high fraud risk.
18All Rights Reserved © 2017

Recommended

Zimperium Enterprise Mobile Threats
Zimperium Enterprise Mobile ThreatsZimperium Enterprise Mobile Threats
Zimperium Enterprise Mobile ThreatsZimperium
 
Zimperium Global Threat Intelligence - Q2 2017
Zimperium Global Threat Intelligence - Q2 2017Zimperium Global Threat Intelligence - Q2 2017
Zimperium Global Threat Intelligence - Q2 2017Zimperium
 
Mobile Security: Perceptions vs Device-harvested Reality
Mobile Security: Perceptions vs Device-harvested RealityMobile Security: Perceptions vs Device-harvested Reality
Mobile Security: Perceptions vs Device-harvested RealityZimperium
 
2017 Security Report Presentation
2017 Security Report Presentation2017 Security Report Presentation
2017 Security Report Presentationixiademandgen
 
Bitdefender Android/Mobile Security
Bitdefender Android/Mobile SecurityBitdefender Android/Mobile Security
Bitdefender Android/Mobile SecurityKazi Sarwar Hossain
 
Five mobile security challenges facing the enterprise
Five mobile security challenges facing the enterpriseFive mobile security challenges facing the enterprise
Five mobile security challenges facing the enterpriseNowSecure
 
Mobile Security - 2015 Wrap-up and 2016 Predictions
Mobile Security - 2015 Wrap-up and 2016 PredictionsMobile Security - 2015 Wrap-up and 2016 Predictions
Mobile Security - 2015 Wrap-up and 2016 PredictionsSkycure
 
Avar2011 changing security_awareness_training
Avar2011 changing security_awareness_trainingAvar2011 changing security_awareness_training
Avar2011 changing security_awareness_trainingYoungjun Chang
 

Recommended

Zimperium Enterprise Mobile Threats
Zimperium Enterprise Mobile ThreatsZimperium Enterprise Mobile Threats
Zimperium Enterprise Mobile ThreatsZimperium
 
Zimperium Global Threat Intelligence - Q2 2017
Zimperium Global Threat Intelligence - Q2 2017Zimperium Global Threat Intelligence - Q2 2017
Zimperium Global Threat Intelligence - Q2 2017Zimperium
 
Mobile Security: Perceptions vs Device-harvested Reality
Mobile Security: Perceptions vs Device-harvested RealityMobile Security: Perceptions vs Device-harvested Reality
Mobile Security: Perceptions vs Device-harvested RealityZimperium
 
2017 Security Report Presentation
2017 Security Report Presentation2017 Security Report Presentation
2017 Security Report Presentationixiademandgen
 
Bitdefender Android/Mobile Security
Bitdefender Android/Mobile SecurityBitdefender Android/Mobile Security
Bitdefender Android/Mobile SecurityKazi Sarwar Hossain
 
Five mobile security challenges facing the enterprise
Five mobile security challenges facing the enterpriseFive mobile security challenges facing the enterprise
Five mobile security challenges facing the enterpriseNowSecure
 
Mobile Security - 2015 Wrap-up and 2016 Predictions
Mobile Security - 2015 Wrap-up and 2016 PredictionsMobile Security - 2015 Wrap-up and 2016 Predictions
Mobile Security - 2015 Wrap-up and 2016 PredictionsSkycure
 
Avar2011 changing security_awareness_training
Avar2011 changing security_awareness_trainingAvar2011 changing security_awareness_training
Avar2011 changing security_awareness_trainingYoungjun Chang
 
Cyber Crime & Security
Cyber Crime & SecurityCyber Crime & Security
Cyber Crime & SecurityNafis Khan Chowdhury
 
Hacking Android [MUC:SEC 20.05.2015]
Hacking Android [MUC:SEC 20.05.2015]Hacking Android [MUC:SEC 20.05.2015]
Hacking Android [MUC:SEC 20.05.2015]Angelo Rüggeberg
 
Mobile Security
Mobile SecurityMobile Security
Mobile SecurityKevin Lee
 
Cybercrimes against the korean online banking systems 1227 eng_slideshare
Cybercrimes against the korean online banking systems 1227 eng_slideshareCybercrimes against the korean online banking systems 1227 eng_slideshare
Cybercrimes against the korean online banking systems 1227 eng_slideshareYoungjun Chang
 
Mobile Security 101
Mobile Security 101Mobile Security 101
Mobile Security 101Lookout
 
Mobile security
Mobile securityMobile security
Mobile securityhome
 
Cyber security threats for 2017
Cyber security threats for 2017Cyber security threats for 2017
Cyber security threats for 2017Ramiro Cid
 
Pegasus Spyware - What You Need to Know
Pegasus Spyware - What You Need to KnowPegasus Spyware - What You Need to Know
Pegasus Spyware - What You Need to KnowSkycure
 
Spyware powerpoint
Spyware powerpointSpyware powerpoint
Spyware powerpointgalaxy201
 
The Ultimate Security Checklist Before Launching Your Android App
The Ultimate Security Checklist Before Launching Your Android AppThe Ultimate Security Checklist Before Launching Your Android App
The Ultimate Security Checklist Before Launching Your Android AppAppknox
 
apidays LIVE Singapore 2021 - Securing the Open Source supply chain by Liran ...
apidays LIVE Singapore 2021 - Securing the Open Source supply chain by Liran ...apidays LIVE Singapore 2021 - Securing the Open Source supply chain by Liran ...
apidays LIVE Singapore 2021 - Securing the Open Source supply chain by Liran ...apidays
 
2017 Cybersecurity Predictions
2017 Cybersecurity Predictions2017 Cybersecurity Predictions
2017 Cybersecurity PredictionsPaloAltoNetworks
 
How Healthcare CISOs Can Secure Mobile Devices
How Healthcare CISOs Can Secure Mobile DevicesHow Healthcare CISOs Can Secure Mobile Devices
How Healthcare CISOs Can Secure Mobile DevicesSkycure
 
Mobile security
Mobile securityMobile security
Mobile securityNaveen Kumar
 
David Emm | The What, How, Who and Why of Computer Malware
David Emm | The What, How, Who and Why of Computer MalwareDavid Emm | The What, How, Who and Why of Computer Malware
David Emm | The What, How, Who and Why of Computer MalwarePro Mrkt
 
Cloud Access Security Brokers
Cloud Access Security BrokersCloud Access Security Brokers
Cloud Access Security BrokersAbhishek Tripathi
 
Uncover threats and protect your organization
Uncover threats and protect your organizationUncover threats and protect your organization
Uncover threats and protect your organizationRapidSSLOnline.com
 
apidays LIVE LONDON - API Abuse - Comprehension and Prevention by David Stewart
apidays LIVE LONDON - API Abuse - Comprehension and Prevention by David Stewartapidays LIVE LONDON - API Abuse - Comprehension and Prevention by David Stewart
apidays LIVE LONDON - API Abuse - Comprehension and Prevention by David Stewartapidays
 
Smartphone Ownage: The state of mobile botnets and rootkits
Smartphone Ownage: The state of mobile botnets and rootkitsSmartphone Ownage: The state of mobile botnets and rootkits
Smartphone Ownage: The state of mobile botnets and rootkitsJimmy Shah
 
Hacker Proof: Building Secure Software
Hacker Proof: Building Secure SoftwareHacker Proof: Building Secure Software
Hacker Proof: Building Secure SoftwareCesar Cerrudo
 
The Importance of Cybersecurity in 2017
The Importance of Cybersecurity in 2017The Importance of Cybersecurity in 2017
The Importance of Cybersecurity in 2017R-Style Lab
 
NEC-IBM_Event_093015
NEC-IBM_Event_093015NEC-IBM_Event_093015
NEC-IBM_Event_093015Alexis Bernardino
 

More Related Content

What's hot

Hacking Android [MUC:SEC 20.05.2015]
Hacking Android [MUC:SEC 20.05.2015]Hacking Android [MUC:SEC 20.05.2015]
Hacking Android [MUC:SEC 20.05.2015]Angelo Rüggeberg
 
Mobile Security
Mobile SecurityMobile Security
Mobile SecurityKevin Lee
 
Cybercrimes against the korean online banking systems 1227 eng_slideshare
Cybercrimes against the korean online banking systems 1227 eng_slideshareCybercrimes against the korean online banking systems 1227 eng_slideshare
Cybercrimes against the korean online banking systems 1227 eng_slideshareYoungjun Chang
 
Mobile Security 101
Mobile Security 101Mobile Security 101
Mobile Security 101Lookout
 
Mobile security
Mobile securityMobile security
Mobile securityhome
 
Cyber security threats for 2017
Cyber security threats for 2017Cyber security threats for 2017
Cyber security threats for 2017Ramiro Cid
 
Pegasus Spyware - What You Need to Know
Pegasus Spyware - What You Need to KnowPegasus Spyware - What You Need to Know
Pegasus Spyware - What You Need to KnowSkycure
 
Spyware powerpoint
Spyware powerpointSpyware powerpoint
Spyware powerpointgalaxy201
 
The Ultimate Security Checklist Before Launching Your Android App
The Ultimate Security Checklist Before Launching Your Android AppThe Ultimate Security Checklist Before Launching Your Android App
The Ultimate Security Checklist Before Launching Your Android AppAppknox
 
apidays LIVE Singapore 2021 - Securing the Open Source supply chain by Liran ...
apidays LIVE Singapore 2021 - Securing the Open Source supply chain by Liran ...apidays LIVE Singapore 2021 - Securing the Open Source supply chain by Liran ...
apidays LIVE Singapore 2021 - Securing the Open Source supply chain by Liran ...apidays
 
2017 Cybersecurity Predictions
2017 Cybersecurity Predictions2017 Cybersecurity Predictions
2017 Cybersecurity PredictionsPaloAltoNetworks
 
How Healthcare CISOs Can Secure Mobile Devices
How Healthcare CISOs Can Secure Mobile DevicesHow Healthcare CISOs Can Secure Mobile Devices
How Healthcare CISOs Can Secure Mobile DevicesSkycure
 
David Emm | The What, How, Who and Why of Computer Malware
David Emm | The What, How, Who and Why of Computer MalwareDavid Emm | The What, How, Who and Why of Computer Malware
David Emm | The What, How, Who and Why of Computer MalwarePro Mrkt
 
Cloud Access Security Brokers
Cloud Access Security BrokersCloud Access Security Brokers
Cloud Access Security BrokersAbhishek Tripathi
 
Uncover threats and protect your organization
Uncover threats and protect your organizationUncover threats and protect your organization
Uncover threats and protect your organizationRapidSSLOnline.com
 
apidays LIVE LONDON - API Abuse - Comprehension and Prevention by David Stewart
apidays LIVE LONDON - API Abuse - Comprehension and Prevention by David Stewartapidays LIVE LONDON - API Abuse - Comprehension and Prevention by David Stewart
apidays LIVE LONDON - API Abuse - Comprehension and Prevention by David Stewartapidays
 
Smartphone Ownage: The state of mobile botnets and rootkits
Smartphone Ownage: The state of mobile botnets and rootkitsSmartphone Ownage: The state of mobile botnets and rootkits
Smartphone Ownage: The state of mobile botnets and rootkitsJimmy Shah
 
Hacker Proof: Building Secure Software
Hacker Proof: Building Secure SoftwareHacker Proof: Building Secure Software
Hacker Proof: Building Secure SoftwareCesar Cerrudo
 

What's hot (20)

Cyber Crime & Security
Cyber Crime & SecurityCyber Crime & Security
Cyber Crime & Security
 
Hacking Android [MUC:SEC 20.05.2015]
Hacking Android [MUC:SEC 20.05.2015]Hacking Android [MUC:SEC 20.05.2015]
Hacking Android [MUC:SEC 20.05.2015]
 
Mobile Security
Mobile SecurityMobile Security
Mobile Security
 
Cybercrimes against the korean online banking systems 1227 eng_slideshare
Cybercrimes against the korean online banking systems 1227 eng_slideshareCybercrimes against the korean online banking systems 1227 eng_slideshare
Cybercrimes against the korean online banking systems 1227 eng_slideshare
 
Mobile Security 101
Mobile Security 101Mobile Security 101
Mobile Security 101
 
Mobile security
Mobile securityMobile security
Mobile security
 
Cyber security threats for 2017
Cyber security threats for 2017Cyber security threats for 2017
Cyber security threats for 2017
 
Pegasus Spyware - What You Need to Know
Pegasus Spyware - What You Need to KnowPegasus Spyware - What You Need to Know
Pegasus Spyware - What You Need to Know
 
Spyware powerpoint
Spyware powerpointSpyware powerpoint
Spyware powerpoint
 
The Ultimate Security Checklist Before Launching Your Android App
The Ultimate Security Checklist Before Launching Your Android AppThe Ultimate Security Checklist Before Launching Your Android App
The Ultimate Security Checklist Before Launching Your Android App
 
apidays LIVE Singapore 2021 - Securing the Open Source supply chain by Liran ...
apidays LIVE Singapore 2021 - Securing the Open Source supply chain by Liran ...apidays LIVE Singapore 2021 - Securing the Open Source supply chain by Liran ...
apidays LIVE Singapore 2021 - Securing the Open Source supply chain by Liran ...
 
2017 Cybersecurity Predictions
2017 Cybersecurity Predictions2017 Cybersecurity Predictions
2017 Cybersecurity Predictions
 
How Healthcare CISOs Can Secure Mobile Devices
How Healthcare CISOs Can Secure Mobile DevicesHow Healthcare CISOs Can Secure Mobile Devices
How Healthcare CISOs Can Secure Mobile Devices
 
Mobile security
Mobile securityMobile security
Mobile security
 
David Emm | The What, How, Who and Why of Computer Malware
David Emm | The What, How, Who and Why of Computer MalwareDavid Emm | The What, How, Who and Why of Computer Malware
David Emm | The What, How, Who and Why of Computer Malware
 
Cloud Access Security Brokers
Cloud Access Security BrokersCloud Access Security Brokers
Cloud Access Security Brokers
 
Uncover threats and protect your organization
Uncover threats and protect your organizationUncover threats and protect your organization
Uncover threats and protect your organization
 
apidays LIVE LONDON - API Abuse - Comprehension and Prevention by David Stewart
apidays LIVE LONDON - API Abuse - Comprehension and Prevention by David Stewartapidays LIVE LONDON - API Abuse - Comprehension and Prevention by David Stewart
apidays LIVE LONDON - API Abuse - Comprehension and Prevention by David Stewart
 
Smartphone Ownage: The state of mobile botnets and rootkits
Smartphone Ownage: The state of mobile botnets and rootkitsSmartphone Ownage: The state of mobile botnets and rootkits
Smartphone Ownage: The state of mobile botnets and rootkits
 
Hacker Proof: Building Secure Software
Hacker Proof: Building Secure SoftwareHacker Proof: Building Secure Software
Hacker Proof: Building Secure Software
 

Similar to How to Protect Mobile Banking Users from BankBot

The Importance of Cybersecurity in 2017
The Importance of Cybersecurity in 2017The Importance of Cybersecurity in 2017
The Importance of Cybersecurity in 2017R-Style Lab
 
Delivering secure mobile financial services (MFS) - "Frictionless" vs diligence
Delivering secure mobile financial services (MFS) - "Frictionless" vs diligenceDelivering secure mobile financial services (MFS) - "Frictionless" vs diligence
Delivering secure mobile financial services (MFS) - "Frictionless" vs diligenceNowSecure
 
Ga society of cpa's 2018 coastal chapter
Ga society of cpa's 2018 coastal chapterGa society of cpa's 2018 coastal chapter
Ga society of cpa's 2018 coastal chapterGreg Wartes, MCP
 
Humming bad research-report-final-62916
Humming bad research-report-final-62916Humming bad research-report-final-62916
Humming bad research-report-final-62916Andrey Apuhtin
 
BlueHat v18 || Modern day entomology - examining the inner workings of the bu...
BlueHat v18 || Modern day entomology - examining the inner workings of the bu...BlueHat v18 || Modern day entomology - examining the inner workings of the bu...
BlueHat v18 || Modern day entomology - examining the inner workings of the bu...BlueHat Security Conference
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgEric Vanderburg
 
CWIN17 New-York / adopting a cloud first strategy to fuel growth
CWIN17 New-York / adopting a cloud first strategy to fuel growthCWIN17 New-York / adopting a cloud first strategy to fuel growth
CWIN17 New-York / adopting a cloud first strategy to fuel growthCapgemini
 
CWIN17 New-York / a best customer or worst nightmare putting ai to work for...
CWIN17 New-York / a best customer or worst nightmare putting ai to work for...CWIN17 New-York / a best customer or worst nightmare putting ai to work for...
CWIN17 New-York / a best customer or worst nightmare putting ai to work for...Capgemini
 
Ascendiendo a la GEN V de Cyber Security
Ascendiendo a la GEN V de Cyber SecurityAscendiendo a la GEN V de Cyber Security
Ascendiendo a la GEN V de Cyber SecurityCristian Garcia G.
 
Artificial Intelligence for Banking Fraud Prevention
Artificial Intelligence for Banking Fraud PreventionArtificial Intelligence for Banking Fraud Prevention
Artificial Intelligence for Banking Fraud PreventionJérôme Kehrli
 
Forensic And Cloud Computing
Forensic And Cloud ComputingForensic And Cloud Computing
Forensic And Cloud ComputingMitesh Katira
 
Augusta gen v presentation adapture v2
Augusta gen v presentation adapture v2Augusta gen v presentation adapture v2
Augusta gen v presentation adapture v2Greg Wartes, MCP
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec
 
Understanding Advanced Threats and How to Prevent Them
Understanding Advanced Threats and How to Prevent ThemUnderstanding Advanced Threats and How to Prevent Them
Understanding Advanced Threats and How to Prevent ThemMarketingArrowECS_CZ
 
Cybercrime Threat Landscape: Cyber Criminals Never Sleep
Cybercrime Threat Landscape: Cyber Criminals Never SleepCybercrime Threat Landscape: Cyber Criminals Never Sleep
Cybercrime Threat Landscape: Cyber Criminals Never SleepIBM Security
 
OpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 UpdateOpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 UpdateNat Sakimura
 
Is Your API Being Abused – And Would You Even Notice If It Was?
Is Your API Being Abused – And Would You Even Notice If It Was?Is Your API Being Abused – And Would You Even Notice If It Was?
Is Your API Being Abused – And Would You Even Notice If It Was?Nordic APIs
 
Cutting out the middleman: Man-in-the-middle attacks and prevention for mobil...
Cutting out the middleman: Man-in-the-middle attacks and prevention for mobil...Cutting out the middleman: Man-in-the-middle attacks and prevention for mobil...
Cutting out the middleman: Man-in-the-middle attacks and prevention for mobil...NowSecure
 

Similar to How to Protect Mobile Banking Users from BankBot (20)

The Importance of Cybersecurity in 2017
The Importance of Cybersecurity in 2017The Importance of Cybersecurity in 2017
The Importance of Cybersecurity in 2017
 
NEC-IBM_Event_093015
NEC-IBM_Event_093015NEC-IBM_Event_093015
NEC-IBM_Event_093015
 
Delivering secure mobile financial services (MFS) - "Frictionless" vs diligence
Delivering secure mobile financial services (MFS) - "Frictionless" vs diligenceDelivering secure mobile financial services (MFS) - "Frictionless" vs diligence
Delivering secure mobile financial services (MFS) - "Frictionless" vs diligence
 
Ga society of cpa's 2018 coastal chapter
Ga society of cpa's 2018 coastal chapterGa society of cpa's 2018 coastal chapter
Ga society of cpa's 2018 coastal chapter
 
Kba talk track 2018
Kba talk track 2018Kba talk track 2018
Kba talk track 2018
 
Humming bad research-report-final-62916
Humming bad research-report-final-62916Humming bad research-report-final-62916
Humming bad research-report-final-62916
 
BlueHat v18 || Modern day entomology - examining the inner workings of the bu...
BlueHat v18 || Modern day entomology - examining the inner workings of the bu...BlueHat v18 || Modern day entomology - examining the inner workings of the bu...
BlueHat v18 || Modern day entomology - examining the inner workings of the bu...
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
 
CWIN17 New-York / adopting a cloud first strategy to fuel growth
CWIN17 New-York / adopting a cloud first strategy to fuel growthCWIN17 New-York / adopting a cloud first strategy to fuel growth
CWIN17 New-York / adopting a cloud first strategy to fuel growth
 
CWIN17 New-York / a best customer or worst nightmare putting ai to work for...
CWIN17 New-York / a best customer or worst nightmare putting ai to work for...CWIN17 New-York / a best customer or worst nightmare putting ai to work for...
CWIN17 New-York / a best customer or worst nightmare putting ai to work for...
 
Ascendiendo a la GEN V de Cyber Security
Ascendiendo a la GEN V de Cyber SecurityAscendiendo a la GEN V de Cyber Security
Ascendiendo a la GEN V de Cyber Security
 
Artificial Intelligence for Banking Fraud Prevention
Artificial Intelligence for Banking Fraud PreventionArtificial Intelligence for Banking Fraud Prevention
Artificial Intelligence for Banking Fraud Prevention
 
Forensic And Cloud Computing
Forensic And Cloud ComputingForensic And Cloud Computing
Forensic And Cloud Computing
 
Augusta gen v presentation adapture v2
Augusta gen v presentation adapture v2Augusta gen v presentation adapture v2
Augusta gen v presentation adapture v2
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
 
Understanding Advanced Threats and How to Prevent Them
Understanding Advanced Threats and How to Prevent ThemUnderstanding Advanced Threats and How to Prevent Them
Understanding Advanced Threats and How to Prevent Them
 
Cybercrime Threat Landscape: Cyber Criminals Never Sleep
Cybercrime Threat Landscape: Cyber Criminals Never SleepCybercrime Threat Landscape: Cyber Criminals Never Sleep
Cybercrime Threat Landscape: Cyber Criminals Never Sleep
 
OpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 UpdateOpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 Update
 
Is Your API Being Abused – And Would You Even Notice If It Was?
Is Your API Being Abused – And Would You Even Notice If It Was?Is Your API Being Abused – And Would You Even Notice If It Was?
Is Your API Being Abused – And Would You Even Notice If It Was?
 
Cutting out the middleman: Man-in-the-middle attacks and prevention for mobil...
Cutting out the middleman: Man-in-the-middle attacks and prevention for mobil...Cutting out the middleman: Man-in-the-middle attacks and prevention for mobil...
Cutting out the middleman: Man-in-the-middle attacks and prevention for mobil...
 

Recently uploaded

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetEnjoy Anytime
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 

How to Protect Mobile Banking Users from BankBot

  • 1. 0All Rights Reserved © 2017 ZL1022817 JT Keating Vice President of Product Strategy
  • 2. 1All Rights Reserved © 2017 BankBot
  • 3. 2All Rights Reserved © 2017 BankBot M o b i l e T h r e a t s A r e R e a l … Phase 1 Phase 3 Phase 2
  • 4. 3All Rights Reserved © 2017 User Installs Utility App Containing BankBot1
  • 6. 5All Rights Reserved © 2017 3 BankBot Receives Template from C&C
  • 7. 6All Rights Reserved © 2017 3 BankBot Receives Template from C&C
  • 8. 7All Rights Reserved © 2017 4 BankBot Monitors For Target App Launch
  • 9. 8All Rights Reserved © 2017 5 BankBot Displays Fake Overlay
  • 10. 9All Rights Reserved © 2017 6 User Provides Credentials to BankBot
  • 11. 10All Rights Reserved © 2017 7 Unique Variation for UAE Banks • Before it shows the overlay page, BankBot requests the user’s phone number. • The C&C server sends a pin code to the victim. • After entering the pin, the victim is instructed to input bank details (two times, to make sure the attacker has valid credentials).
  • 12. D, N & A are Not Created Equally Device Attacks THE Sole Objective for Persistent Foothold Network Attacks The Primary Mechanism for Targeted Attacks Application Attacks Untargeted, Advertising & Fraud Threats
  • 13. 12All Rights Reserved © 2017 BankBot Can Do Even More… • Sending and intercepting SMS messages • Making calls • Tracking infected devices • Stealing contacts
  • 14. 13All Rights Reserved © 2017 Manually Analyzing Apps is Futile M o b i l e T h r e a t s A r e R e a l … Source: Statista, Zimperium 0 500000 1000000 1500000 2000000 2500000 3000000 3500000 4000000 4500000 Sep-17 Oct-17 Nov-17 Dec-17 Jan-18 Feb-18 Mar-18 Apr-18 May-18 Jun-18 Jul-18 Aug-18 Sep-18 Oct-18 Nov-18 Dec-18 Jan-19 Feb-19 Mar-19 Apr-19 May-19 Apps Needing Analysis App Research Capacity AppsinAppStore
  • 15. z9™ detection engine uses machine learning to provide real-time, on-device protection against both known and unknown threats Network Attacks Application AttacksDevice Attacks PATENTED DETECTION ENGINE
  • 16. 15All Rights Reserved © 2017 Zimperium MTD Platform Enterprise Dashboard, Forensics, Administration Advanced App Analysis: Threat, Risk & Privacy Detect and prevent threats to Mobile Devices Generate Self-Protecting Mobile Apps Via an SDK
  • 17. 16All Rights Reserved © 2017 zIAP™ – World class In-App Protection All the DNA detection capabilities of z9 to detect: ❯ Standard use cases, e.g., jailbreak detection ❯ Sophisticated attacks that let hackers: ❯ Steal data ❯ Log keystrokes ❯ Hijack network connections ❯ Read your app’s memory and files ❯ Jeopardize privacy
  • 18. 17All Rights Reserved © 2017 Thwarting BankBot Embedded in an app that is attacked by malware including BankBot, zIAP detects the threat and can immediately terminate the session and/or flag the account for high fraud risk.