
Lab on Android Malware

1 Lab Goals

This is a lab in the course on Android Internals and Security.

The purpose of this lab is to give you practical experience with Android malware.

  1. Detect malware
  2. Experience malware
  3. Understand/dissect malware
  4. Create malware

You need to learn how to (i) analyze what APKs are made of, (ii) analyze known Android malware, and (iii) become aware of what should be observed as the (malware) apps run.

2 Tasks

2.1 Task: APK Reverse Engineering

  1. Task: Here is an APK ./anUnknown.apk file. Figure out all that you can about this APK. You may also wish to install and run it. Caution: Use an AVD?
  2. Deliverables: (i) A critique of the analysis tools. (ii) A description of the unknown.apk similar to what you find on Google Play. (iii) A design description of the app after your analyses. (iv) Selected annotated screenshots during your analyses.

2.2 Task: Monitoring Processes and Connections

  1. There are several apps that can display the details of processes and network connections. All of this info is also displayable by going into the device via adb shell, or a terminal APK, but these apps have nicer looking output.
  2. Task: Choose one app for processes and another for network connections (there may be a combined one), from either Google Play or F-Droid.
  3. Deliverables: (i) A review of the APKs you chose, and why you chose them. (ii) Screenshots.
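
For the adb shell route mentioned in this task, here is an added example (not part of the original lab handout) that decodes `/proc/net/tcp` text and attributes each connection to an Android UID, so you can cross-check what the monitoring apps display. Assumptions: the input was captured with `adb shell cat /proc/net/tcp` on a device or AVD where that file is readable, the function names are hypothetical, and `SAMPLE` is constructed data.

```python
import socket
import struct

# TCP state codes used in /proc/net/tcp (Linux kernel tcp_states.h); others print as raw hex.
TCP_STATES = {"01": "ESTABLISHED", "02": "SYN_SENT", "06": "TIME_WAIT",
              "08": "CLOSE_WAIT", "0A": "LISTEN"}

# Constructed sample of `adb shell cat /proc/net/tcp` output (not from a real device).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:13AD 00000000:0000 0A 00000000:00000000 00:00000000 00000000  2000        0 11111 1 0000000000000000 100 0 0 10 0
   1: 0F02000A:A2C4 0A7100CB:01BB 01 00000000:00000000 00:00000000 00000000 10123        0 22222 1 0000000000000000 20 4 30 10 -1
"""

def decode_endpoint(hex_endpoint):
    """Turn 'AABBCCDD:PPPP' into (dotted IPv4, port); the address is little-endian hex."""
    addr_hex, port_hex = hex_endpoint.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return ip, int(port_hex, 16)

def android_uid_name(uid):
    """Map a kernel UID to the name `ps` shows on Android (u<user>_a<n> for installed apps)."""
    user, app_id = divmod(uid, 100000)
    if 10000 <= app_id <= 19999:          # Android's range for installed-app UIDs
        return f"u{user}_a{app_id - 10000}"
    return f"uid {uid}"                   # system/core UID, e.g. 2000 is the adb shell user

def parse_proc_net_tcp(text):
    """Parse every socket row after the header line into a dict."""
    rows = []
    for line in text.splitlines()[1:]:
        f = line.split()
        if len(f) < 8:                    # skip blank or truncated lines
            continue
        rows.append({"local": decode_endpoint(f[1]), "remote": decode_endpoint(f[2]),
                     "state": TCP_STATES.get(f[3], f[3]),
                     "uid": int(f[7]), "owner": android_uid_name(int(f[7]))})
    return rows

def external_connections(rows):
    """Established connections whose peer is not loopback: the ones worth explaining."""
    return [r for r in rows
            if r["state"] == "ESTABLISHED" and not r["remote"][0].startswith("127.")]

if __name__ == "__main__":
    for r in external_connections(parse_proc_net_tcp(SAMPLE)):
        print(r["owner"], r["local"], "->", r["remote"])
```

The `owner` value (for example `u0_a123`) is the same string shown in the user column of `ps` output on the device, which lets you tie a connection back to the app that opened it.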

2.3 Task [WIP] Key Logger Spyware

  1. "An Android keylogger can keep track of every keystroke, SMS text messages, logs and phone locations via GPS. It also helps you see how your children or subordinates are using their phones and track their location. And, as a spy software for android, it usually operates on silent mode while the user is unaware of its existence."
  2. Task: Install one keylogger. Enable "Unknown Sources" and install. Enable its usage. Even without user consent.
  3. Deliverables: (i) A review of the APKs you chose, and why you chose them. (ii) Screenshots? (iii) What would alert you to its existence? Discuss.

2.4 Task [WIP] Making a SpyCamera

  1. Task: Install one spy camera. Enable "Unknown Sources" and install. Enable its usage. Even without user consent.
  2. Deliverables: (i) A review of the APKs you chose, and why you chose them. (ii) Screenshots? (iii) What would alert you to its existence? Discuss.

3 Submission

Submit on Pilot into dropbox folder LabMalware.

There should be one pdf file named exactly Report-LabMalware.pdf that includes all screenshots and your commentary on all aspects of this lab.

Please follow the lab report template. Link is located on the course home page. (Scripts are used to check various things – so file names should obey "rules".) Suggestions as to what this commentary should focus on are spread out in the writeup above.

Additionally include the .apk and deliverables mentioned above.

4 Helpful Reading for This Lab Work

  1. https://spyadvice.com/android-keylogger/ 12 Best Android Keylogger Apps in 2018 (no-Root, Hidden) 2018
  2. https://www.spyzie.com/keylogger/best-keylogger-app-for-android.html
  3. https://ikeymonitor.com/android-keylogger "iKeyMonitor is the best Android keylogger possible without root."
  4. https://www.mspy.com/keylogger.html Not free. Min price = $30 per month. Linked here for awareness.
  5. https://www.lifewire.com/best-spy-camera-apps-4179114 2019
  6. https://xnspy.com/top-10-android-spy-apps.html 2019
  7. https://github.com/wolkenschieber/spy-camera-os 2014
  8. https://f-droid.org/en/packages/net.majorkernelpanic.spydroid/
  9. http://www.nerdgrl.org/en/spy-app-hidden-camera-android/ How to create hidden camera code for Android spy app 2016
  10. https://medium.com/the-mission/snowden-was-right-block-your-mics-cameras-33e89fbb46e6 Snowden Was Right, Block Your Mics & Cameras, 2016
  11. https://techcrunch.com/2017/12/24/edward-snowden-haven-app/ Edward Snowden’s new app turns any Android phone into a surveillance system, 2018. "Haven" can be downloaded via Google Play and open source Android app store F-Droid.

5 End


Copyright © 2019 Dr Prabhaker Mateti • 2019-04-02