Analyzing Android Malware — From triage to reverse-engineering
2023-09-09, 12:40–13:25 (Europe/Berlin), Tesla

It's easy to get wrapped up in worrying about the large-scale ransomware attacks on the threat landscape. These are the types of attacks that make headlines and strike fear into the hearts of CISOs everywhere. But if you want to defend against the truly prolific and widespread threats that target some of the devices closest to us, you need to be on the lookout for mobile malware.

Many actors are deploying malware that targets Android devices. Attackers frequently target Android because it's the most popular mobile operating system in the world.

For those who want to stay up to date on the latest Android malware, I will discuss representative mobile device malware. I will try to show how to reverse-engineer some of these threats, and how you can dissect Android malware on your own to learn more about what techniques attackers are using and how you can defend your devices. CTF players may find this presentation useful for helping to solve some Android reversing challenges.

Vanja Švajcer works as a Technical Leader for Cisco Talos. He is a threat researcher with more than 20 years of experience in malware research and threat intelligence.

Vanja enjoys tinkering with automated analysis systems, reversing binaries and analysing mobile malware. He presented his work at conferences such as Virus Bulletin, RSA, CARO, AVAR, BalCCon, BSides and others.