Tag Archives: android

FROST: Forensic Recovery Of Scrambled Telephones

A ready to go cold boot attack for a Galaxy Nexus!
Your Android PIN does not protect you.

We present FROST, a tool set that supports the forensic recovery of scrambled telephones. To this end we perform cold boot attacks against Android smartphones and retrieve disk encryption keys from RAM. We show that cold boot attacks against Android phones are generally possible for the first time, and we perform our attacks practically against Galaxy Nexus devices from Samsung. To break disk encryption, the bootloader must be unlocked before the attack because scrambled user partitions are wiped during unlocking. However, we show that cold boot attacks are more generic and allow to retrieve sensitive information, such as contact lists, visited web sites, and photos, directly from RAM, even though the bootloader is locked.

Link.

Tagged , , , , , , , ,

Android malware designed to build 3-D models of users’ apartments

An interesting article at FastCompany about PlaceRaider, an experimental smartphone trojan designed by Indiana University and the U.S. Navy. It’s Android malware designed to build 3-D models of users’ apartments.

PlaceRaider, which was summarized in a recent arXiv paper, is a piece of “visual malware” which smartphone cameras, accelerometers, and gyroscopes, to reconstruct victims’ rooms and offices. As pictures are uploaded onto the central server, they are knitted together into a 3D model of the indoor location where the pics were taken.

Tagged , , , , ,