ADVENTURES IN BOUNCERLAND presented at BlackHat USA 2012

by Sean Schulte, Nicholas J. Percoco,

Tags: Malware Bouncer Mobile Security Google Play Store

Summary : Meet <REDACTED>*. He is a single function app that wanted to be much more. He always looked up those elite malware and botnet apps but now that the Google\'s Bouncer moved into town his hopes and dreams appeared to be shattered. This was until he was handed text file while strolling along a shady part of the Internet (AKA Pastebin). The title of this txt file was "Bypassing Google\'s Bouncer in 7 steps for Fun and Profit". Upon reading this, our little app began to glow with excitement. He routed himself all the way to the gates of Google Play and began his journey from a simple benign app that <REDACTED>*, to a full-fledged info stealing botnet warrior. In this presentation will tell the story of how our little app beat the Bouncer and got the girl (well, at least all her personal information, and a few naughty pics).
* Our little buddy is still having fun in the market and we don\'t want anyone playing around with him right now, even you CFP reviewers.