RESOURCES | IOActive

Blogs | INSIGHTS | November 7, 2012

Hacking an Android Banking Application

This analysis of a mobile banking application from X bank illustrates how easily anyone with sufficient knowledge can get install and analyze the application, bypassing common protections. 1. Installing and unpacking the application Only users located in Wonderland can install the X Android application with Google Play, which uses both the phone’s SIM card and IP address to determine the location of the device. To bypass this limitation, remove the SIM card and reset the phone to factory defaults. Complete the initial Android setup with a Wonderland…

Juliano Rizzo

IOActive has documented detailed attack paths and component vulnerabilities to describe the first plausible, detailed public attack paths to effectively reach the avionics network on a 787, commercial airplane from either non-critical domains, such as Passenger Information and Entertainment Services, or even external networks.

ACCESS THE WHITEPAPER

IOACTIVE CORPORATE OVERVIEW (PDF)

IOACTIVE SERVICES OVERVIEW (PDF)

IOACTIVE ARCHIVED WEBINARS (list)

Arm IDA and Cross Check: Reversing the 787’s Core Network