Unifying the Global Response to Cybercrime
Join the phishing dots to detect suspicious mobile apps
Leonardo Amor & Carlos Díaz
Telefónica
LeoAmor@telefonica.com & Carlos.DiazHidalgo@telefonica.com
Telefonica Group
21 Countries
120.000 Employees
50.377m Income
>340m Customers
  
Our employees
Mostly:
•  Telco engineers
•  Computer Science
•  Engineers
•  …..
•  Science or Scientist people
But there is also space for:
•  Lawyers
•  Business administration
•  Economists
•  Psychologists
•  Philologists
  
Diversity
Ideas explosion
  	
  
Code!
✓ Unfortunately, not everyone knows how to code yet
✓ Fortunately, every day schools are getting that it should be one more basic class.
  	
  
The need for visual coding
✓ & Visual Data
  
Sinfonier: Our open project for visual coding
Drag & Drop Interface + Automatic Deploy API + Storm Cluster = Sinfonier
  
Tacyt: One of our sources

May    18      19     20     21      22      23     24
New    10.105  5.702  9.998  15.483  15.294  9.394  10.647
Dead   1.140   2.200  2.014  1.917   2.856   1.446  646

Up 3 Million Apps today
21.649 of them contain .apks
50.993 have links to .cn domains
  
One of these ideas
Laziness or intense work
✓ To check human errors inside apps (shared certificates, e-mails, URLs, APKs…)
  	
  	
  	
  
DISCOVER, DISRUPT, DELIVER
It’s demo time
Tacyt + Sinfonier
Tacyt
✓ An innovative tool for the monitoring and analysis of mobile threats
✓ https://path5.elevenpaths.com/
  
Sinfonier
✓ Storm Builder for Security Intelligence
✓ http://sinfonier-project.net/
  
Reinject into the topology the new list of applications found
  
Ducksboard: https://goo.gl/uKnHT3
✓ A real-time dashboard
✓ https://ducksboard.com/
  
Data Visualization
✓ http://d3js.org/
✓ D3.js is a JavaScript library for manipulating documents based on data
  
Data Visualization: Data Entities
✓ http://ecrime2015.us.to:2015/zoom.html
•  “key”: [packageName][version][market]
   https://play.google.com/store/apps/details?id=com.zaccur.b07.main
•  GP “developerEmail”
•  Embedded link that points to an “apk” file
   http://d.guomob.com/1142/2.apk
  	
  
Data Visualization: Example 1
✓ http://ecrime2015.us.to:2015/example1.html
✓ GP link: https://play.google.com/store/apps/details?id=com.qfang.qfangmobile
•  One developer
   –  3117479220@qq.com
•  One mobile application in GP
   –  com.qfang.qfangmobile
•  Five embedded “apk” files
   –  http://down.gao7.com/Files/down/wxjx_2.2.3_C227.apk
   –  http://s.51aiya.com/content/down/aiya14100234.apk
   –  http://www.159cai.com/download/vip/43332/159cai_shouji.apk
   –  http://shoufu.3gu.com/Run/Upload/Apk/QFangWang.apk
   –  http://www.wanggouchao.com/data/apk/wgc/v2.5.6/wgc_10021.apk
  
Data Visualization: Example 2
✓ http://ecrime2015.us.to:2015/example2.html
•  Three different developers
   –  joowill9588@gmail.com
   –  hong@jingeng.cn
   –  info@bluby.com
•  Four mobile applications in GP
•  Three applications point to the same embedded “apk” files
   –  http://update.iuoooo.com/Android/componentvoice/xfyy1.apk
   –  http://update.iuoooo.com/Android/componentvoice/xfyy2.apk
  
Data Visualization: Example 3
✓ http://ecrime2015.us.to:2015/example3.html
•  Three different developers
•  7 mobile applications in GP
•  13 embedded “apk” files
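
The join behind the example graphs above, as an added Python example (not code from the talk, Tacyt or Sinfonier): it links the three entity types (app "key", developerEmail, embedded "apk" link) and flags clusters where several developer accounts are tied together by the same embedded APK URLs. The record layout, the `apk_links` field, the `|` separator inside `key` and every sample value are assumptions constructed for illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit, urlunsplit

# Constructed sample records (not data from the talk), one per store listing.
# "key" mirrors the slide's [packageName][version][market] idea.
SAMPLE_APPS = [
    {"key": "com.example.voice|1.0|GP", "developerEmail": "dev-a@example.com",
     "apk_links": ["http://updates.example.net/component/v1.apk",
                   "http://updates.example.net/component/v2.apk"]},
    {"key": "com.example.radio|2.1|GP", "developerEmail": "dev-b@example.org",
     "apk_links": ["http://updates.example.net/component/v1.apk"]},
    {"key": "com.example.notes|1.3|GP", "developerEmail": "dev-c@example.com",
     "apk_links": ["HTTP://Updates.Example.NET/component/v2.apk"]},
    {"key": "com.example.torch|4.0|GP", "developerEmail": "dev-c@example.com",
     "apk_links": []},
    {"key": "com.example.solo|1.0|GP", "developerEmail": "dev-d@example.com",
     "apk_links": ["http://cdn.example.org/solo/extra.apk"]},
]


def normalize_url(url):
    """Lower-case scheme and host so trivially different spellings still join."""
    parts = urlsplit(url.strip())
    return urlunsplit((parts.scheme.lower(), parts.netloc.lower(),
                       parts.path, parts.query, ""))


class DisjointSet:
    """Union-find over (kind, value) nodes."""

    def __init__(self):
        self.parent = {}

    def find(self, node):
        self.parent.setdefault(node, node)
        while self.parent[node] != node:
            # Path halving keeps later lookups cheap.
            self.parent[node] = self.parent[self.parent[node]]
            node = self.parent[node]
        return node

    def union(self, a, b):
        root_a, root_b = self.find(a), self.find(b)
        if root_a != root_b:
            self.parent[root_b] = root_a


def build_clusters(apps):
    """Connect app <-> developer and app <-> apk link, return the components."""
    ds = DisjointSet()
    for app in apps:
        app_node = ("app", app["key"])
        ds.union(app_node, ("dev", app["developerEmail"].strip().lower()))
        for link in app["apk_links"]:
            ds.union(app_node, ("apk", normalize_url(link)))

    field = {"dev": "developers", "app": "apps", "apk": "apks"}
    grouped = defaultdict(lambda: {"developers": set(), "apps": set(), "apks": set()})
    for kind, value in list(ds.parent):
        grouped[ds.find((kind, value))][field[kind]].add(value)
    # Largest developer groups first, then by app name for a stable order.
    return sorted(grouped.values(),
                  key=lambda c: (-len(c["developers"]), sorted(c["apps"])))


def suspicious_clusters(clusters, min_developers=2):
    """An app has one developer, so several developers in one component
    can only be connected through shared embedded APK links."""
    return [c for c in clusters
            if len(c["developers"]) >= min_developers and c["apks"]]


def shared_apks(apps):
    """Map each embedded APK URL to the developers referencing it (2 or more)."""
    devs_by_apk = defaultdict(set)
    for app in apps:
        for link in app["apk_links"]:
            devs_by_apk[normalize_url(link)].add(app["developerEmail"].strip().lower())
    return {url: devs for url, devs in devs_by_apk.items() if len(devs) > 1}


if __name__ == "__main__":
    for cluster in suspicious_clusters(build_clusters(SAMPLE_APPS)):
        print(len(cluster["developers"]), "developers,",
              len(cluster["apps"]), "apps,",
              len(cluster["apks"]), "embedded apk links")
        for url, devs in sorted(shared_apks(SAMPLE_APPS).items()):
            print("  ", url, "<-", ", ".join(sorted(devs)))
```

Clusters returned by `suspicious_clusters` are review candidates for an analyst, since a shared SDK or update host can also join unrelated developers.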
  
	
  
Data Visualization: Example 4
✓ http://ecrime2015.us.to:2015/farm.html
  	
  
Analysis of a Case
✓ http://ecrime2015.us.to:2015/managementapp.html
One developer:
•  gameungdunghay@gmail.com

Analysis of a Case: 12 GP applications
com.giaitriviet.book.androidgp.bookaudio : 50-100
com.giaitriviet.android.haivai : 10-50
com.giaitriviet.androidgp.womanday : 500-1000
com.giaitriviet.androidgp.saigon : 50-100
com.giaitriviet.androidgp.wallpaperquotes : 5-10
com.giaitriviet.androidgp.wallpapernaturals : 100-500
com.giaitriviet.androidgp.vietnam : 10-50
com.giaitriviet.androidgp.saigon1950 : 10-50
com.giaitriviet.androidgp.masterchef : 50-100
com.giaitriviet.androidgp.managerapplication : 1-5
com.giaitriviet.androidgp.fallsaigon1975 : 10-50
com.giaitriviet.android.caravat : 50-100
Domain: mediafire.com
  
Analysis of a Case: Detail of embedded “apk”
✓ http://ecrime2015.us.to:2015/managementapp.html
All links are up
  
Analysis of a Case: HotGirl & ChanDai
✓ http://ecrime2015.us.to:2015/managementapp.html
Be a variant of a known malware family
The app creates or modifies SMS
Monitors phone state (incoming calls)
Uploads the list of apps currently running to a remote server
The app modifies shortcuts on the home screen
  
Data Visualization: Satellite Photo
✓ http://ecrime2015.us.to:2015/
✓ If you click this URL, your computer will most likely run out of memory
  	
  
Conclusions
•  This presentation is only the beginning …
•  We have generated an RSS feed of embedded “apk” files …
•  We have a graphical representation of the relationship between three types of entities …
•  … now is the time for analysts
  
Community
Join us:
sinfonier-project.net
@e_Sinfonier
@flexpired
@LeoAmorV
  
Join the phishing dots to detect suspicious mobile apps

More Related Content

Similar to Join the phishing dots to detect suspicious mobile apps

System and Software Engineering for Industry 4.0
System and Software Engineering for Industry 4.0System and Software Engineering for Industry 4.0
System and Software Engineering for Industry 4.0
Pankesh Patel
 
Роман Родоманський, «Досвід побудови Contact Tracing рішення»
Роман Родоманський, «Досвід побудови Contact Tracing рішення»Роман Родоманський, «Досвід побудови Contact Tracing рішення»
Роман Родоманський, «Досвід побудови Contact Tracing рішення»
Sigma Software
 
Continuous Code Quality with the Sonar Ecosystem @GeeCON 2017 in Prague
Continuous Code Quality with the Sonar Ecosystem @GeeCON 2017 in PragueContinuous Code Quality with the Sonar Ecosystem @GeeCON 2017 in Prague
Continuous Code Quality with the Sonar Ecosystem @GeeCON 2017 in Prague
Roman Pickl
 
PROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITYPROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITY
Sylvain Martinez
 
Future Role of the Architect
Future Role of the ArchitectFuture Role of the Architect
Future Role of the Architect
Riccardo Bennett-Lovsey
 
Smart Cities Part 1: Introduction (Slides for Talk on IoT, Pune Meetup)
Smart Cities Part 1: Introduction (Slides for Talk on IoT, Pune Meetup)Smart Cities Part 1: Introduction (Slides for Talk on IoT, Pune Meetup)
Smart Cities Part 1: Introduction (Slides for Talk on IoT, Pune Meetup)
Bhavin Chandarana
 
Ds latino alejandrov4
Ds latino alejandrov4Ds latino alejandrov4
Ds latino alejandrov4
alejandro_xf
 
CodeMotion 2023 - Deep dive nella supply chain della nostra infrastruttura cl...
CodeMotion 2023 - Deep dive nella supply chain della nostra infrastruttura cl...CodeMotion 2023 - Deep dive nella supply chain della nostra infrastruttura cl...
CodeMotion 2023 - Deep dive nella supply chain della nostra infrastruttura cl...
sparkfabrik
 
Data Science Powered Apps for Internet of Things
Data Science Powered Apps for Internet of ThingsData Science Powered Apps for Internet of Things
Data Science Powered Apps for Internet of Things
VMware Tanzu
 
Continuous Code Quality with the sonar ecosystem
Continuous Code Quality with the sonar ecosystemContinuous Code Quality with the sonar ecosystem
Continuous Code Quality with the sonar ecosystem
Roman Pickl
 
Awalin-CapWIC
Awalin-CapWICAwalin-CapWIC
Awalin-CapWIC
Awalin Sopan
 
Why Progressive Web Apps will transform your website
Why Progressive Web Apps will transform your websiteWhy Progressive Web Apps will transform your website
Why Progressive Web Apps will transform your website
Jason Grigsby
 
The Indicators of Compromise
The Indicators of CompromiseThe Indicators of Compromise
The Indicators of Compromise
Tomasz Jakubowski
 
Trends in front end engineering_handouts
Trends in front end engineering_handoutsTrends in front end engineering_handouts
Trends in front end engineering_handouts
AE - architects for business and ict
 
[CB16] Security in the IoT World: Analyzing the Security of Mobile Apps for A...
[CB16] Security in the IoT World: Analyzing the Security of Mobile Apps for A...[CB16] Security in the IoT World: Analyzing the Security of Mobile Apps for A...
[CB16] Security in the IoT World: Analyzing the Security of Mobile Apps for A...
CODE BLUE
 
Ce hv8 module 18 buffer overflow
Ce hv8 module 18 buffer overflowCe hv8 module 18 buffer overflow
Ce hv8 module 18 buffer overflow
Mehrdad Jingoism
 
How open source empowers startups to start big, with case Double Open Oy
How open source empowers startups to start big, with case Double Open OyHow open source empowers startups to start big, with case Double Open Oy
How open source empowers startups to start big, with case Double Open Oy
Mindtrek
 
Filtering From the Firehose: Real Time Social Media Streaming
Filtering From the Firehose: Real Time Social Media StreamingFiltering From the Firehose: Real Time Social Media Streaming
Filtering From the Firehose: Real Time Social Media Streaming
Cloud Elements
 
HDF 3.1 pt. 2: A Technical Deep-Dive on New Streaming Features
HDF 3.1 pt. 2: A Technical Deep-Dive on New Streaming FeaturesHDF 3.1 pt. 2: A Technical Deep-Dive on New Streaming Features
HDF 3.1 pt. 2: A Technical Deep-Dive on New Streaming Features
Hortonworks
 
Let's Make Pentesting Fun Again! Report writing in 5 minutes.
Let's Make Pentesting Fun Again! Report writing in 5 minutes.Let's Make Pentesting Fun Again! Report writing in 5 minutes.
Let's Make Pentesting Fun Again! Report writing in 5 minutes.
DefCamp
 

Similar to Join the phishing dots to detect suspicious mobile apps (20)

System and Software Engineering for Industry 4.0
System and Software Engineering for Industry 4.0System and Software Engineering for Industry 4.0
System and Software Engineering for Industry 4.0
 
Роман Родоманський, «Досвід побудови Contact Tracing рішення»
Роман Родоманський, «Досвід побудови Contact Tracing рішення»Роман Родоманський, «Досвід побудови Contact Tracing рішення»
Роман Родоманський, «Досвід побудови Contact Tracing рішення»
 
Continuous Code Quality with the Sonar Ecosystem @GeeCON 2017 in Prague
Continuous Code Quality with the Sonar Ecosystem @GeeCON 2017 in PragueContinuous Code Quality with the Sonar Ecosystem @GeeCON 2017 in Prague
Continuous Code Quality with the Sonar Ecosystem @GeeCON 2017 in Prague
 
PROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITYPROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITY
 
Future Role of the Architect
Future Role of the ArchitectFuture Role of the Architect
Future Role of the Architect
 
Smart Cities Part 1: Introduction (Slides for Talk on IoT, Pune Meetup)
Smart Cities Part 1: Introduction (Slides for Talk on IoT, Pune Meetup)Smart Cities Part 1: Introduction (Slides for Talk on IoT, Pune Meetup)
Smart Cities Part 1: Introduction (Slides for Talk on IoT, Pune Meetup)
 
Ds latino alejandrov4
Ds latino alejandrov4Ds latino alejandrov4
Ds latino alejandrov4
 
CodeMotion 2023 - Deep dive nella supply chain della nostra infrastruttura cl...
CodeMotion 2023 - Deep dive nella supply chain della nostra infrastruttura cl...CodeMotion 2023 - Deep dive nella supply chain della nostra infrastruttura cl...
CodeMotion 2023 - Deep dive nella supply chain della nostra infrastruttura cl...
 
Data Science Powered Apps for Internet of Things
Data Science Powered Apps for Internet of ThingsData Science Powered Apps for Internet of Things
Data Science Powered Apps for Internet of Things
 
Continuous Code Quality with the sonar ecosystem
Continuous Code Quality with the sonar ecosystemContinuous Code Quality with the sonar ecosystem
Continuous Code Quality with the sonar ecosystem
 
Awalin-CapWIC
Awalin-CapWICAwalin-CapWIC
Awalin-CapWIC
 
Why Progressive Web Apps will transform your website
Why Progressive Web Apps will transform your websiteWhy Progressive Web Apps will transform your website
Why Progressive Web Apps will transform your website
 
The Indicators of Compromise
The Indicators of CompromiseThe Indicators of Compromise
The Indicators of Compromise
 
Trends in front end engineering_handouts
Trends in front end engineering_handoutsTrends in front end engineering_handouts
Trends in front end engineering_handouts
 
[CB16] Security in the IoT World: Analyzing the Security of Mobile Apps for A...
[CB16] Security in the IoT World: Analyzing the Security of Mobile Apps for A...[CB16] Security in the IoT World: Analyzing the Security of Mobile Apps for A...
[CB16] Security in the IoT World: Analyzing the Security of Mobile Apps for A...
 
Ce hv8 module 18 buffer overflow
Ce hv8 module 18 buffer overflowCe hv8 module 18 buffer overflow
Ce hv8 module 18 buffer overflow
 
How open source empowers startups to start big, with case Double Open Oy
How open source empowers startups to start big, with case Double Open OyHow open source empowers startups to start big, with case Double Open Oy
How open source empowers startups to start big, with case Double Open Oy
 
Filtering From the Firehose: Real Time Social Media Streaming
Filtering From the Firehose: Real Time Social Media StreamingFiltering From the Firehose: Real Time Social Media Streaming
Filtering From the Firehose: Real Time Social Media Streaming
 
HDF 3.1 pt. 2: A Technical Deep-Dive on New Streaming Features
HDF 3.1 pt. 2: A Technical Deep-Dive on New Streaming FeaturesHDF 3.1 pt. 2: A Technical Deep-Dive on New Streaming Features
HDF 3.1 pt. 2: A Technical Deep-Dive on New Streaming Features
 
Let's Make Pentesting Fun Again! Report writing in 5 minutes.
Let's Make Pentesting Fun Again! Report writing in 5 minutes.Let's Make Pentesting Fun Again! Report writing in 5 minutes.
Let's Make Pentesting Fun Again! Report writing in 5 minutes.
 

More from Leonardo Amor

Sinfonier Storm Builder for Security Intelligence
Sinfonier Storm Builder for Security IntelligenceSinfonier Storm Builder for Security Intelligence
Sinfonier Storm Builder for Security Intelligence
Leonardo Amor
 
Be More Dog, Enise 2013
Be More Dog, Enise 2013Be More Dog, Enise 2013
Be More Dog, Enise 2013
Leonardo Amor
 
Managed Security Services as a Formula1 race
Managed Security Services as a Formula1 raceManaged Security Services as a Formula1 race
Managed Security Services as a Formula1 race
Leonardo Amor
 
Ya están dentro ¿y Ahora qué?
Ya están dentro ¿y Ahora qué?Ya están dentro ¿y Ahora qué?
Ya están dentro ¿y Ahora qué?
Leonardo Amor
 
Proteccion moviles Monterrey
Proteccion moviles MonterreyProteccion moviles Monterrey
Proteccion moviles Monterrey
Leonardo Amor
 
Protege tu empresa en la era Wikileaks
Protege tu empresa en la era WikileaksProtege tu empresa en la era Wikileaks
Protege tu empresa en la era Wikileaks
Leonardo Amor
 
El papel de la seguridad en la era PostPc
El papel de la seguridad en la era PostPcEl papel de la seguridad en la era PostPc
El papel de la seguridad en la era PostPc
Leonardo Amor
 
Protege los dispositivos móviles de tu empresa
Protege los dispositivos móviles de tu empresaProtege los dispositivos móviles de tu empresa
Protege los dispositivos móviles de tu empresa
Leonardo Amor
 
Think Local, Be Global
Think Local, Be GlobalThink Local, Be Global
Think Local, Be Global
Leonardo Amor
 
3G Dialers, A New Demon with an Old Scan
3G Dialers, A New Demon with an Old Scan3G Dialers, A New Demon with an Old Scan
3G Dialers, A New Demon with an Old Scan
Leonardo Amor
 

More from Leonardo Amor (10)

Sinfonier Storm Builder for Security Intelligence
Sinfonier Storm Builder for Security IntelligenceSinfonier Storm Builder for Security Intelligence
Sinfonier Storm Builder for Security Intelligence
 
Be More Dog, Enise 2013
Be More Dog, Enise 2013Be More Dog, Enise 2013
Be More Dog, Enise 2013
 
Managed Security Services as a Formula1 race
Managed Security Services as a Formula1 raceManaged Security Services as a Formula1 race
Managed Security Services as a Formula1 race
 
Ya están dentro ¿y Ahora qué?
Ya están dentro ¿y Ahora qué?Ya están dentro ¿y Ahora qué?
Ya están dentro ¿y Ahora qué?
 
Proteccion moviles Monterrey
Proteccion moviles MonterreyProteccion moviles Monterrey
Proteccion moviles Monterrey
 
Protege tu empresa en la era Wikileaks
Protege tu empresa en la era WikileaksProtege tu empresa en la era Wikileaks
Protege tu empresa en la era Wikileaks
 
El papel de la seguridad en la era PostPc
El papel de la seguridad en la era PostPcEl papel de la seguridad en la era PostPc
El papel de la seguridad en la era PostPc
 
Protege los dispositivos móviles de tu empresa
Protege los dispositivos móviles de tu empresaProtege los dispositivos móviles de tu empresa
Protege los dispositivos móviles de tu empresa
 
Think Local, Be Global
Think Local, Be GlobalThink Local, Be Global
Think Local, Be Global
 
3G Dialers, A New Demon with an Old Scan
3G Dialers, A New Demon with an Old Scan3G Dialers, A New Demon with an Old Scan
3G Dialers, A New Demon with an Old Scan
 

Recently uploaded

Module 1 ppt BIG DATA ANALYTICS NOTES FOR MCA
Module 1 ppt BIG DATA ANALYTICS NOTES FOR MCAModule 1 ppt BIG DATA ANALYTICS NOTES FOR MCA
Module 1 ppt BIG DATA ANALYTICS NOTES FOR MCA
yuvarajkumar334
 
ML-PPT-UNIT-2 Generative Classifiers Discriminative Classifiers
ML-PPT-UNIT-2 Generative Classifiers Discriminative ClassifiersML-PPT-UNIT-2 Generative Classifiers Discriminative Classifiers
ML-PPT-UNIT-2 Generative Classifiers Discriminative Classifiers
MastanaihnaiduYasam
 
原版一比一爱尔兰都柏林大学毕业证(UCD毕业证书)如何办理
原版一比一爱尔兰都柏林大学毕业证(UCD毕业证书)如何办理 原版一比一爱尔兰都柏林大学毕业证(UCD毕业证书)如何办理
原版一比一爱尔兰都柏林大学毕业证(UCD毕业证书)如何办理
tzu5xla
 
DSSML24_tspann_CodelessGenerativeAIPipelines
DSSML24_tspann_CodelessGenerativeAIPipelinesDSSML24_tspann_CodelessGenerativeAIPipelines
DSSML24_tspann_CodelessGenerativeAIPipelines
Timothy Spann
 
Cell The Unit of Life for NEET Multiple Choice Questions.docx
Cell The Unit of Life for NEET Multiple Choice Questions.docxCell The Unit of Life for NEET Multiple Choice Questions.docx
Cell The Unit of Life for NEET Multiple Choice Questions.docx
vasanthatpuram
 
一比一原版多伦多大学毕业证(UofT毕业证书)学历如何办理
一比一原版多伦多大学毕业证(UofT毕业证书)学历如何办理一比一原版多伦多大学毕业证(UofT毕业证书)学历如何办理
一比一原版多伦多大学毕业证(UofT毕业证书)学历如何办理
eoxhsaa
 
一比一原版莱斯大学毕业证(rice毕业证)如何办理
一比一原版莱斯大学毕业证(rice毕业证)如何办理一比一原版莱斯大学毕业证(rice毕业证)如何办理
一比一原版莱斯大学毕业证(rice毕业证)如何办理
zsafxbf
 
Econ3060_Screen Time and Success_ final_GroupProject.pdf
Econ3060_Screen Time and Success_ final_GroupProject.pdfEcon3060_Screen Time and Success_ final_GroupProject.pdf
Econ3060_Screen Time and Success_ final_GroupProject.pdf
blueshagoo1
 
How To Control IO Usage using Resource Manager
How To Control IO Usage using Resource ManagerHow To Control IO Usage using Resource Manager
How To Control IO Usage using Resource Manager
Alireza Kamrani
 
Template xxxxxxxx ssssssssssss Sertifikat.pptx
Template xxxxxxxx ssssssssssss Sertifikat.pptxTemplate xxxxxxxx ssssssssssss Sertifikat.pptx
Template xxxxxxxx ssssssssssss Sertifikat.pptx
TeukuEriSyahputra
 
Experts live - Improving user adoption with AI
Experts live - Improving user adoption with AIExperts live - Improving user adoption with AI
Experts live - Improving user adoption with AI
jitskeb
 
一比一原版加拿大渥太华大学毕业证(uottawa毕业证书)如何办理
一比一原版加拿大渥太华大学毕业证(uottawa毕业证书)如何办理一比一原版加拿大渥太华大学毕业证(uottawa毕业证书)如何办理
一比一原版加拿大渥太华大学毕业证(uottawa毕业证书)如何办理
uevausa
 
Module 1 ppt BIG DATA ANALYTICS_NOTES FOR MCA
Module 1 ppt BIG DATA ANALYTICS_NOTES FOR MCAModule 1 ppt BIG DATA ANALYTICS_NOTES FOR MCA
Module 1 ppt BIG DATA ANALYTICS_NOTES FOR MCA
yuvarajkumar334
 
一比一原版加拿大麦吉尔大学毕业证(mcgill毕业证书)如何办理
一比一原版加拿大麦吉尔大学毕业证(mcgill毕业证书)如何办理一比一原版加拿大麦吉尔大学毕业证(mcgill毕业证书)如何办理
一比一原版加拿大麦吉尔大学毕业证(mcgill毕业证书)如何办理
agdhot
 
Discovering Digital Process Twins for What-if Analysis: a Process Mining Appr...
Discovering Digital Process Twins for What-if Analysis: a Process Mining Appr...Discovering Digital Process Twins for What-if Analysis: a Process Mining Appr...
Discovering Digital Process Twins for What-if Analysis: a Process Mining Appr...
Marlon Dumas
 
一比一原版兰加拉学院毕业证(Langara毕业证书)学历如何办理
一比一原版兰加拉学院毕业证(Langara毕业证书)学历如何办理一比一原版兰加拉学院毕业证(Langara毕业证书)学历如何办理
一比一原版兰加拉学院毕业证(Langara毕业证书)学历如何办理
hyfjgavov
 
[VCOSA] Monthly Report - Cotton & Yarn Statistics March 2024
[VCOSA] Monthly Report - Cotton & Yarn Statistics March 2024[VCOSA] Monthly Report - Cotton & Yarn Statistics March 2024
[VCOSA] Monthly Report - Cotton & Yarn Statistics March 2024
Vietnam Cotton & Spinning Association
 
一比一原版马来西亚博特拉大学毕业证(upm毕业证)如何办理
一比一原版马来西亚博特拉大学毕业证(upm毕业证)如何办理一比一原版马来西亚博特拉大学毕业证(upm毕业证)如何办理
一比一原版马来西亚博特拉大学毕业证(upm毕业证)如何办理
eudsoh
 
Drownings spike from May to August in children
Drownings spike from May to August in childrenDrownings spike from May to August in children
Drownings spike from May to August in children
Bisnar Chase Personal Injury Attorneys
 
一比一原版澳洲西澳大学毕业证(uwa毕业证书)如何办理
一比一原版澳洲西澳大学毕业证(uwa毕业证书)如何办理一比一原版澳洲西澳大学毕业证(uwa毕业证书)如何办理
一比一原版澳洲西澳大学毕业证(uwa毕业证书)如何办理
aguty
 

Recently uploaded (20)

Module 1 ppt BIG DATA ANALYTICS NOTES FOR MCA
Module 1 ppt BIG DATA ANALYTICS NOTES FOR MCAModule 1 ppt BIG DATA ANALYTICS NOTES FOR MCA
Module 1 ppt BIG DATA ANALYTICS NOTES FOR MCA
 
ML-PPT-UNIT-2 Generative Classifiers Discriminative Classifiers
ML-PPT-UNIT-2 Generative Classifiers Discriminative ClassifiersML-PPT-UNIT-2 Generative Classifiers Discriminative Classifiers
ML-PPT-UNIT-2 Generative Classifiers Discriminative Classifiers
 
原版一比一爱尔兰都柏林大学毕业证(UCD毕业证书)如何办理
原版一比一爱尔兰都柏林大学毕业证(UCD毕业证书)如何办理 原版一比一爱尔兰都柏林大学毕业证(UCD毕业证书)如何办理
原版一比一爱尔兰都柏林大学毕业证(UCD毕业证书)如何办理
 
DSSML24_tspann_CodelessGenerativeAIPipelines
DSSML24_tspann_CodelessGenerativeAIPipelinesDSSML24_tspann_CodelessGenerativeAIPipelines
DSSML24_tspann_CodelessGenerativeAIPipelines
 
Cell The Unit of Life for NEET Multiple Choice Questions.docx
Cell The Unit of Life for NEET Multiple Choice Questions.docxCell The Unit of Life for NEET Multiple Choice Questions.docx
Join the phishing dots to detect suspicious mobile apps

  • 1. Unifying the Global Response to Cybercrime Join the phishing dots to detect suspicious mobile apps Leonardo Amor & Carlos Díaz Telefónica LeoAmor@telefonica.com & Carlos.DiazHidalgo@telefonica.com
  • 2. Telefonica Group: 21 countries, 120.000 employees, 50.377m income, >340m customers
  • 3. Our employees. Mostly: • Telco engineers • Computer Science • Engineers • ….. • Science or Scientist people
  • 4. But there is also space for: • Lawyers • Business administration • Economist • Psychologist • Philologist
  • 8. Code! ✓ Unfortunately, not everyone knows how to code yet ✓ Fortunately, every day more schools are getting that it should be one more basic class
  • 9. The need for visual coding ✓ & Visual Data
  • 10. Sinfonier: our open project for visual coding. Drag & Drop Interface + Automatic Deploy API + Storm Cluster = Sinfonier
  • 12. Tacyt: one of our sources. Up 3 Million Apps today; 21.649 of them contain .apks; 50.993 have links to .cn domains
      May  | 18     | 19    | 20    | 21     | 22     | 23    | 24
      New  | 10.105 | 5.702 | 9.998 | 15.483 | 15.294 | 9.394 | 10.647
      Dead | 1.140  | 2.200 | 2.014 | 1.917  | 2.856  | 1.446 | 646
  • 13. One of these ideas
  • 15. or Intense work ✓ To check human errors inside apps (shared certificates, e-mails, URLs, APKs…)
  • 16. DISCOVER, DISRUPT, DELIVER. It’s demo time: Tacyt + Sinfonier
  • 17. Tacyt ✓ An innovative tool for the monitoring and analysis of mobile threats ✓ https://path5.elevenpaths.com/
  • 29. Sinfonier ✓ Storm Builder for Security Intelligence ✓ http://sinfonier-project.net/
  • 39. Sinfonier ✓ Storm Builder for Security Intelligence ✓ http://sinfonier-project.net/ ✓ Reinject into the topology the new list of applications found
  • 40. Ducksboard: https://goo.gl/uKnHT3 ✓ A real-time dashboard ✓ https://ducksboard.com/
  • 44. Data Visualization ✓ http://d3js.org/ ✓ D3.js is a JavaScript library for manipulating documents based on data
  • 45. Data Visualization: Data Entities ✓ http://ecrime2015.us.to:2015/zoom.html
      • “key”: [packageName][version][market]
        – https://play.google.com/store/apps/details?id=com.zaccur.b07.main
      • GP “developerEmail”
      • embedded link that points to an “apk” file
        – http://d.guomob.com/1142/2.apk
  • 46. Data Visualization: Example1 ✓ http://ecrime2015.us.to:2015/example1.html ✓ GP link: https://play.google.com/store/apps/details?id=com.qfang.qfangmobile
      • One developer
        – 3117479220@qq.com
      • One mobile application in GP
        – com.qfang.qfangmobile
      • Five embedded “apk” files
        – http://down.gao7.com/Files/down/wxjx_2.2.3_C227.apk
        – http://s.51aiya.com/content/down/aiya14100234.apk
        – http://www.159cai.com/download/vip/43332/159cai_shouji.apk
        – http://shoufu.3gu.com/Run/Upload/Apk/QFangWang.apk
        – http://www.wanggouchao.com/data/apk/wgc/v2.5.6/wgc_10021.apk
  • 48. Data Visualization: Example2 ✓ http://ecrime2015.us.to:2015/example2.html
      • Three different developers
        – joowill9588@gmail.com
        – hong@jingeng.cn
        – info@bluby.com
      • Four mobile applications in GP
      • Three applications point to the same embedded “apk” files
        – http://update.iuoooo.com/Android/componentvoice/xfyy1.apk
        – http://update.iuoooo.com/Android/componentvoice/xfyy2.apk
  • 49. Data Visualization: Example3 ✓ http://ecrime2015.us.to:2015/example3.html
      • Three different developers
      • 7 mobile applications in GP
      • 13 embedded “apk” files
  • 50. Data Visualization: Example4 ✓ http://ecrime2015.us.to:2015/farm.html
  • 51. Analysis of a Case ✓ http://ecrime2015.us.to:2015/managementapp.html
      • One developer: gameungdunghay@gmail.com
  • 55. Analysis of a Case: 12 GP applications ✓ http://ecrime2015.us.to:2015/managementapp.html
      – com.giaitriviet.book.androidgp.bookaudio : 50-100
      – com.giaitriviet.android.haivai : 10-50
      – com.giaitriviet.androidgp.womanday : 500-1000
      – com.giaitriviet.androidgp.saigon : 50-100
  • 59. Analysis of a Case: 12 GP applications ✓ http://ecrime2015.us.to:2015/managementapp.html
      – com.giaitriviet.androidgp.wallpaperquotes : 5-10
      – com.giaitriviet.androidgp.wallpapernaturals : 100-500
      – com.giaitriviet.androidgp.vietnam : 10-50
      – com.giaitriviet.androidgp.saigon1950 : 10-50
  • 63. Analysis of a Case: 12 GP applications ✓ http://ecrime2015.us.to:2015/managementapp.html
      – com.giaitriviet.androidgp.masterchef : 50-100
      – com.giaitriviet.androidgp.managerapplication : 1-5
      – com.giaitriviet.androidgp.fallsaigon1975 : 10-50
      – com.giaitriviet.android.caravat : 50-100
  • 64. Analysis of a Case: Detail of embedded “apk” ✓ http://ecrime2015.us.to:2015/managementapp.html
      • Domain: mediafire.com
      • All links are up
  • 67. Analysis of a Case: HotGirl & ChanDai ✓ http://ecrime2015.us.to:2015/managementapp.html
      • Be a variant of a known malware family
      • The app creates or modifies SMS
      • Monitors phone state (incoming calls)
      • Uploads the list of apps currently running to a remote server
      • The app modifies shortcuts on the home screen
  • 68. Data Visualization: Satellite Photo ✓ http://ecrime2015.us.to:2015/ ✓ If you click this URL, your computer will most likely run out of memory
  • 70. Conclusions
      • This presentation is only the beginning …
      • We have generated an RSS feed of embedded “apk” files …
      • We have a graphical representation of the relationship between three types of entities …
      • … now is the time for analysts
  • 71. Community. Join us: sinfonier-project.net @e_Sinfonier @flexpired @LeoAmorV
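
The entity join described in the Data Entities and Example2 slides, sketched in Python as an added example (not code from the talk, Tacyt or Sinfonier): apps are grouped whenever they share a developer e-mail or an embedded "apk" URL, and clusters that span several developers are reported. The record layout, function names and all sample values are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample records (not from the talk's dataset). Field names follow
# the entities on the "Data Entities" slide; the dict layout is an assumption.
RECORDS = [
    {"key": ("com.example.voice1", "1.0", "GP"), "developerEmail": "dev-a@example.test",
     "apkLinks": ["http://update.example.test/c/x1.apk", "http://update.example.test/c/x2.apk"]},
    {"key": ("com.example.voice2", "2.1", "GP"), "developerEmail": "dev-b@example.test",
     "apkLinks": ["http://update.example.test/c/x1.apk"]},
    {"key": ("com.example.voice3", "1.4", "GP"), "developerEmail": "dev-c@example.test",
     "apkLinks": ["http://update.example.test/c/x2.apk"]},
    {"key": ("com.example.notes", "3.0", "GP"), "developerEmail": "dev-c@example.test",
     "apkLinks": []},
    {"key": ("com.example.solo", "1.0", "GP"), "developerEmail": "dev-d@example.test",
     "apkLinks": ["http://files.example.test/solo.apk"]},
]


def find(parent, node):
    """Union-find root lookup with path compression."""
    while parent[node] != node:
        parent[node] = parent[parent[node]]
        node = parent[node]
    return node


def cluster(records):
    """Group apps connected through a shared developer e-mail or apk URL."""
    parent = {}
    for rec in records:
        app = ("app", rec["key"])
        links = [("dev", rec["developerEmail"].lower())]
        links += [("apk", url) for url in rec["apkLinks"]]
        for node in [app] + links:
            parent.setdefault(node, node)
        for node in links:  # merge each linked entity's cluster into the app's
            parent[find(parent, node)] = find(parent, app)
    groups = defaultdict(lambda: defaultdict(set))
    for node in parent:
        kind, value = node
        groups[find(parent, node)][kind].add(value)
    return [dict(g) for g in groups.values()]


def cross_developer_clusters(records):
    """Clusters in which embedded apk URLs tie together several developers."""
    return [g for g in cluster(records)
            if len(g.get("dev", ())) > 1 and g.get("apk")]
```

On the constructed records, `cross_developer_clusters(RECORDS)` returns one cluster with three developers, four apps and two shared "apk" URLs, the same shape as Example2.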