Android Repackaging Attack Lab
SEED Lab: A Hands-on Lab for Security Education
Overview
Repackaging attack is a very common type of attacks on Android devices. In such an attack, attackers modify a popular app downloaded from app markets, reverse engineer the app, add some malicious payloads, and then upload the modified app to app markets. Users can be easily fooled, because it is hard to notice the difference between the modified app and the original app. Once the modified apps are installed, the malicious code inside can conduct attacks, usually in the background. For example, in March 2011, it was found that DroidDream Trojan had been embedded into more than 50 apps in Android official market and had infected many users. DroidDream Trojan exploits vulnerabilities in Android to gain the root access on the device.
The learning objective of this lab is for students to gain a first-hand experience in Android repackaging attack, so they can better understand this particular risk associated with Android systems, and be more cautious when downloading apps to their devices, especially from those untrusted third-party markets. In this lab, students will be asked to conduct a simple repackage attack on a selected app, and demonstrate the attack only on our provided Android VM. Students should be warned not to submit their repackaged apps to any market, or they will face legal consequence. Nor should they run the attack on their own Android devices, as that may cause real damages.
Lab Tasks (Description)
- VM version: In addtion to the SEEDUbuntu16.04 VM, this lab also needs the Android7.1 VM, which can be downloaded from here.
Recommended Time:
- Supervised situation (e.g. a closely-guided lab session): 2 hours
- Unsupervised situation (e.g. take-home project): 1 week
Files that are needed
- MaliciousCode.smali: this smali code deletes all the contacts on the phone if triggered.
- MaliciousCode_Location.zip: this zip file contains smali code that can track the victim's location.
- You can use some existing apps for this lab; if you don't want to do that, we have created a simple app (RepackagingLab.apk) that you can use.