The Entersoft team demonstrated a live cyber attack on an Android phone at the Bengaluru Tech Summit as part of Entersoft's flagship Hackfest event. The hack was followed by a Q&A session with Ankit Fadia.
About the Hack
Brief on Android OS:
- The Android Open Source Project is licensed under the GNU General Public License.
- According to Statista's analysis for the second quarter of 2018, Android OS has an 88% user base compared to 11.9% for Apple iOS.
- 21.3% of Android users are on 6.0, 18.1% are on 7.0 and just 7.5% are on 8.1.
- Android OS is being used from a range of low-end (cheap) mobiles to high-end (flagship) mobiles.
- Android OS updates are mainly dependent on the hardware specifications of the devices.
- Apple provides security guidelines for developers and scans each application thoroughly before making it available on the App Store, whereas Android only recently started testing the apps on the Play Store.
- Downloading a new application onto an Android phone requires no additional authentication.
- Android OS allows installing any third-party application.
For the demonstration we brought a mobile device that was already compromised, with a malicious app installed on it. When the victim (the owner of the phone) runs the malicious application, it enables ADB on port 5555, and we can then access the phone wirelessly when connected to the same Wi-Fi network.
The malicious application installed on the mobile phone does the following things:
- Makes a backup of all call logs, SMS and contacts and stores them at a pre-defined location on the mobile storage. Once access to the phone was established, we showcased all of these details on the screen.
- We also remotely opened Swiggy (a food delivery application) and, using some ADB commands, performed tap gestures to place an order on behalf of the victim without having to touch the phone.
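From the defender's side, the condition the demo depends on (ADB listening on TCP port 5555) can be checked on a device you own. The following is an added example, not code from Entersoft or the original post: it assumes you have captured the text of `getprop` and `/proc/net/tcp` from the device (for example over a USB `adb shell`), the sample input is constructed and abbreviated, and the function names are hypothetical.

```python
import re

# Constructed sample input (columns of /proc/net/tcp abbreviated), not real device output.
SAMPLE_GETPROP = """\
[init.svc.adbd]: [running]
[service.adb.tcp.port]: [5555]
"""
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st
   0: 00000000:15B3 00000000:0000 0A
   1: 0100007F:13AD 00000000:0000 0A
"""

ADB_TCP_PROPS = ("service.adb.tcp.port", "persist.adb.tcp.port")
LOOPBACK = {"0100007F", "00000000000000000000000001000000"}  # 127.0.0.1 and ::1
PROP_RE = re.compile(r"^\[([^\]]+)\]: \[(.*)\]$")

def parse_getprop(text):
    """Turn `getprop` lines of the form `[key]: [value]` into a dict."""
    props = {}
    for line in text.splitlines():
        m = PROP_RE.match(line.strip())
        if m:
            props[m.group(1)] = m.group(2)
    return props

def listening_ports(proc_net_tcp):
    """Yield (port, is_loopback) for every socket in LISTEN state (st == 0A)."""
    for line in proc_net_tcp.splitlines()[1:]:  # first row is the header
        fields = line.split()
        if len(fields) < 4 or fields[3] != "0A":
            continue
        addr, _, port_hex = fields[1].rpartition(":")
        yield int(port_hex, 16), addr in LOOPBACK

def audit_adb_tcp(getprop_text, proc_net_tcp, port=5555):
    """Return findings that indicate ADB is exposed over the network."""
    findings = []
    props = parse_getprop(getprop_text)
    for name in ADB_TCP_PROPS:
        value = props.get(name, "")
        if value.isdigit() and int(value) > 0:  # "-1", "0" or unset mean disabled
            findings.append(f"{name} is set to {value}")
    for p, loopback in listening_ports(proc_net_tcp):
        if p == port and not loopback:
            findings.append(f"TCP listener on port {p} reachable from the network")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_adb_tcp(SAMPLE_GETPROP, SAMPLE_PROC_NET_TCP)))
```

An empty result means neither indicator is present; any finding on a phone where nobody deliberately turned on wireless debugging is worth investigating.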