Smali code injection
4/3/2023

Recently, we have been working on some advanced Android malware, and to test some ideas we opted to create some custom samples. Our approach was based on the fact that many 3rd party app stores offer applications which have been infected with malware. Many of the offerings from 3rd party app stores are paid apps from Google's Play Store; however, most of the 3rd party app stores promise the same app for free. As it turns out, many of the applications from alternative app stores also bring malware. We decided to model a malicious 3rd party app store and to evaluate the scenario of a 'backdoored' legitimate application.

In order to get started, we created an Android application which implements the following features:

- It retrieves the IMEI, IMSI, the call log and the contact list and sends them as base64-encoded blobs to a remote internet endpoint.
- It attempts to send SMS messages to subscribe to premium-rate services.

We compiled the application using Android Studio, extracted the .smali bytecode from it, and implanted the modules into an existing, legitimate application downloaded from the Play Store. Our application of choice was the Facebook Lite application. We targeted the onCreate() method of the main activity of the host application.
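
A defender's check for the tampering described above, as an added example that is not from the original post: it compares the call targets inside the main activity's onCreate() between a reference decode (the build from the official store) and a suspect decode, and reports calls that exist only in the suspect. The smali snippets, class names and function names are constructed for illustration.

```python
import re

# Matches any invoke-* instruction (including /range forms) and captures
# its target in the form "Lpkg/Class;->name(args)ret".
INVOKE_RE = re.compile(r"^\s*invoke-[\w/]+\s+\{[^}]*\},\s*(\[*L[^;]+;->\S+)")
ONCREATE_SIG = "onCreate(Landroid/os/Bundle;)V"


def oncreate_invokes(smali_text):
    """Return the set of call targets inside onCreate(Bundle) of one smali class."""
    targets, inside = set(), False
    for line in smali_text.splitlines():
        stripped = line.strip()
        if stripped.startswith(".method") and ONCREATE_SIG in stripped:
            inside = True
        elif stripped.startswith(".end method"):
            inside = False
        elif inside:
            match = INVOKE_RE.match(line)
            if match:
                targets.add(match.group(1))
    return targets


def added_calls(reference_smali, suspect_smali):
    """Calls present in the suspect's onCreate() but not in the reference build."""
    return sorted(oncreate_invokes(suspect_smali) - oncreate_invokes(reference_smali))


# Constructed sample: main activity as decoded from the reference build.
REFERENCE = """.class public Lcom/example/host/MainActivity;
.super Landroid/app/Activity;

.method protected onCreate(Landroid/os/Bundle;)V
    .locals 0
    invoke-super {p0, p1}, Landroid/app/Activity;->onCreate(Landroid/os/Bundle;)V
    invoke-direct {p0}, Lcom/example/host/MainActivity;->initUi()V
    return-void
.end method
"""

# Constructed sample: same class from a repackaged copy, with one extra call.
SUSPECT = REFERENCE.replace(
    "    return-void",
    "    invoke-static {p0}, Lcom/example/added/Module;->start(Landroid/content/Context;)V\n"
    "    return-void",
)

if __name__ == "__main__":
    for target in added_calls(REFERENCE, SUSPECT):
        print("call not present in reference build:", target)
```

A mismatch in the APK signing certificate is the first indicator of repackaging; this comparison helps locate where the added code is invoked once a copy is already suspected.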