Sidewinder Targeted Attack Against Android in the Golden Age of Ad Libs

Explore a 17-minute Black Hat conference talk that delves into the "Sidewinder Targeted Attack" against Android devices. Learn how vulnerabilities in apps, the Android system, and aggressive ad libraries can be exploited for powerful targeted attacks. Discover how attackers can intercept location information from ad libraries to identify specific targets, such as CEO offices or conference rooms. Understand the exploitation of popular vulnerabilities in ad libraries, including Javascript-binding-over-HTTP and dynamic-loading-over-HTTP. Gain insights into techniques for invoking Android services from injected native code, enabling actions like taking photos, making calls, sending SMS, and accessing clipboards. Examine newly discovered Android vulnerabilities that allow for privacy breaches and advanced attacks. Watch real-world demonstrations using apps from Google Play, and understand the ongoing threat to millions of users due to slow patching and fragmentation in the Android ecosystem.

Sidewinder Targeted Attack Against Android in the Golden Age of Ad Libs