OEMs HATE it! Get paid to backdoor phones with this One Weird Trick! presented at Securi-Tay 2020

by Ash Wolf

Summary: I found out the firmware updater on my new Android phone was pulling double-duty as a malware distribution mechanism — legitimate-seeming OTA downloader by day, remotely-controllable backdoor by night. All in one convenient pre-installed, highly-privileged APK. This talk tells the story of how I discovered, tore apart, disclosed and exposed an OTA provider’s years-long side hustle. In the process I draw the ire of the provider, the gratitude of the manufacturer (who were completely unaware!) and uncover frankly ludicrous levels of shadiness.