zoukankan      html  css  js  c++  java
  • Android Malware Analysis

    A friend of mine asked me help him to examine his Android 5.0 smartphone. He did not say what's wrong with his phone, and he just wonder why his wife know everything he chat on the phone, and where he has been.

    I'd like to help him to figure out if anything wrong about his phone. When I start to monitor his phone, I find a very interesting stuff running on his phone. Obviously it try to pretend that it's Google Play App, actually it is not...Also I could see the destination ip and port...

    I start to analye and figure out where it is. Yes that's it..a very suspicious package-"com.example.downloader"

    Look at the Manifest and it's really scaring. It can read/write SMS, storage, contacts, calendar,locactions, process outgoing calls, even recording audio.

    Guess what? It also could record chat messages including Naver Line, Facebook, What's App, Skype, and WeChat. No wonder his wife knows everything he chat on the phone. You could see the Naver Line chat messages recording on its own Database as below.

    I told him what I found on his phone, and he was very angry. He swore to figure out what his wife has done to his phone and when she did this. I told hime that maybe she bought this App on the internet or her friend taught her to do so.  I think the reason why she did it maybe she's afraid that her husband does not love her anymore. If her husband has affair with other girls and she will know immediately.  Still it's illeagl and it's not a right thing to do to the one you love.

  • 相关阅读:
    Java中四个作用域的可见范围
    java构造方法前加void有什么作用
    css3渐变
    日历插件
    三级联动地点
    js返回上一级代码和刷新页面代码
    css3滚动条
    如何写评价“星星”有半个情况的,如3.5,这样写好调数据
    原生态js单个点击展开收缩和jQuery的写法
    推荐大家使用的CSS书写规范、顺序
  • 原文地址:https://www.cnblogs.com/pieces0310/p/4830825.html
Copyright © 2011-2022 走看看