[C7] "iOS malware, what’s the risk and how to reduce it"
by Julien Bachmann

Authors: Julien Bachmann
Language: French
Country: Switzerland
Date & time: Thurs. 3 nov - 11:00 to 11:45

Since the end of 2015 the news start to get filled with a growing number of news about mobile malware and for some part a surprise: iOS malware. In a way this is in contradiction with Verizon DBIR 2015 report that stated that iOS malware was almost non-existent but several malware families targeting iOS have been discovered lately.
The goal of this presentation is to shed light on the capabilities that iOS malware can have either on jailbroken or non-jailbroken devices, with a clear distinction of the two cases. After a quick recap on iOS security model, the presentation will go through the steps of a malware infection: the installation and persistence as well as the replication mechanism. Then the malicious functionalities such as keylogging, sound recording or traffic interception will be presented. The defense part will not be forgotten with recommendations for protection and detection of this type of threats.

Biography: After several years performing penetration tests, to break into information systems and assess the security of web and mobile applications, Julien joined the defence side for Kudelski Security, first as a Security Architect. This background allows him to have a different view on how to protect enterprises and their critical assets. Julien is now a Security Researcher in the company’s Research Unit performing custom research for customers and the company’s products.

Julien is also a guest lecturer at Swiss engineering schools on software exploitation techniques, as well as on incident response and malware analysis.