In-memory credentials robbery on android phones

Author

Stirparo, Pasquale ; Fovino, Igor Nai ; Taddeo, Marco ; Kounelis, Ioannis

Author_Institution

Inst. for the Protection & Security of the Citizen, Eur. Comm., Ispra, Italy

fYear

2013

fDate

9-12 Dec. 2013

Firstpage

88

Lastpage

93

Abstract

Mobile phones have almost replaced the work of traditional computers and people nowadays use them for both business and personal purposes, in a much more complex way than some years ago. However, the notion of “mobile phone” has not changed accordingly: the majority of the people consider this device as a phone without thinking the implications of their digital life when using it. In this paper we demonstrate how to steal user´s credentials and sensitive information in general from the memory of an Android device. We do so by analysing how mobile applications manage users data when these are loaded in the memory of the device. We use this findings to create a malware application able to retrieve login credentials from memory of the target applications, exploiting vulnerabilities due to both the user behavior and the poor practices when developing mobile applications. Finally, and most importantly, we show that this attack is not noticed by the mobile phone user both in terms of visibility and mobile phone performance.

Keywords

information retrieval; invasive software; mobile computing; smart phones; Android phones; digital life; in-memory credential robbery; login credential retrieval; malware application; mobile phones; sensitive information; user behavior; user credentials; user data management; Androids; Humanoid robots; Mobile communication; Smart phones; Trojan horses; android phone; malware; memory analysis; personal information;

fLanguage

English

Publisher

ieee

Conference_Titel

Internet Security (WorldCIS), 2013 World Congress on

Conference_Location

London

Type

conf

DOI

10.1109/WorldCIS.2013.6751023

Filename

6751023