an overview of mrats
DESCRIPTION
TRANSCRIPT
An Overview of Mobile Remote Access Trojans (mRATs) and Targeted Mobile Attacks
Agenda
● The Collapse of the Corporate Perimeter ● Mobile Remote Access Trojans (mRATs)
What do they do?
What types are there?
● Real-Life mRAT statistics ● Infection vectors ● Follow up videos
The Collapse Of The Corporate Perimeter
The Collapse Of The Corporate Perimeter
The Collapse Of The Corporate Perimeter
“More than
60% of organizations enable BYOD” Gartner, Inc. October 2012
The Collapse Of The Corporate Perimeter
mRAT Capabilities
Eavesdropping
Snooping on corporate emails and application data
mRAT Capabilities
Eavesdropping
Extracting contact lists, call &text logs
Snooping on corporate emails and application data
mRAT Capabilities
Eavesdropping
Extracting contact lists, call &text logs
Tracking location
Snooping on corporate emails and application data
mRAT Capabilities
Eavesdropping
Extracting contact lists, call &text logs
Tracking location
Snooping on corporate emails and application data
Infiltrating internal LANs
TYPES OF mRATS
The mRAT Threat-scape
mRATs / Spyphones
High End: Government / Military grade
Mid Range: Cybercrime toolkits
Low End: Commercial surveillance toolkits
High-Profiled Example
High-Profiled Example
Commercial mobile surveillance tools
REAL-LIFE STATISTICS
Infection rates:
June 2013:
1 / 1000 devices
Survey: Cellular Network 2M Subscribers Sampling: 650K
Survey: Cellular Network 2M Subscribers Sampling: 650K
Infection Vectors
For more Information: Coming soon…
“Cyber-Threats to Android-Based Devices” “Cyber-Threats to iOS-Based Devices”
Lacoon Mobile Security YouTube Channel
An Anatomy of an Attack against MDMs
For more Information:
“Bypassing Secure Containers on Mobile”
Lacoon Mobile Security YouTube Channel