Mobile Malware and Privacy

  1. Privacy Threats and Data Exfiltration
    1. Categories of Targeted Data
      1. Personal Communications
        1. SMS Messages
          1. Call Logs
            1. Email Content
              1. Instant Messaging
                1. Voice Recordings
                2. Authentication Credentials
                  1. Application Logins
                    1. Financial Account Details
                      1. Social Media Credentials
                        1. Corporate Access Tokens
                        2. Location Information
                          1. GPS Coordinates
                            1. Wi-Fi Network Data
                              1. Cellular Tower Information
                                1. Movement Patterns
                                2. Device and User Identifiers
                                  1. IMEI Numbers
                                    1. IMSI Data
                                      1. Advertising Identifiers
                                        1. Device Serial Numbers
                                          1. MAC Addresses
                                          2. Personal Information
                                            1. Contact Lists
                                              1. Calendar Events
                                                1. Notes and Documents
                                                  1. Browser History
                                                  2. Media Content
                                                    1. Photos and Videos
                                                      1. Audio Recordings
                                                        1. Downloaded Files
                                                          1. Screenshots
                                                          2. Sensor Data
                                                            1. Microphone Access
                                                              1. Camera Usage
                                                                1. Accelerometer Data
                                                                  1. Gyroscope Information
                                                                    1. Proximity Sensor Data
                                                                      1. Ambient Light Data
                                                                      2. Biometric Data
                                                                        1. Fingerprint Templates
                                                                          1. Facial Recognition Data
                                                                            1. Voice Patterns
                                                                          2. Data Exfiltration Methods
                                                                            1. Covert Communication Channels
                                                                              1. Steganography Techniques
                                                                                1. Data Hiding in Legitimate Traffic
                                                                                  1. Protocol Tunneling
                                                                                  2. Command and Control Communication
                                                                                    1. HTTP/HTTPS Channels
                                                                                      1. SMS-Based C2
                                                                                        1. DNS Tunneling
                                                                                          1. Social Media Platforms
                                                                                            1. Cloud Services Abuse
                                                                                            2. Data Encoding and Obfuscation
                                                                                              1. Encryption Techniques
                                                                                                1. Data Compression
                                                                                                  1. Format Transformation
                                                                                                  2. Timing-Based Exfiltration
                                                                                                    1. Scheduled Data Transmission
                                                                                                      1. Event-Triggered Uploads
                                                                                                        1. Bandwidth Throttling
                                                                                                      2. Privacy Invasion Techniques
                                                                                                        1. Ambient Data Collection
                                                                                                          1. Background Monitoring
                                                                                                            1. Passive Data Gathering
                                                                                                            2. Cross-Application Data Correlation
                                                                                                              1. Data Fusion Techniques
                                                                                                                1. Profile Building
                                                                                                                2. Inference Attacks
                                                                                                                  1. Behavioral Pattern Analysis
                                                                                                                    1. Predictive Modeling

                                                                                                                Previous

                                                                                                                5. Mobile Malware Analysis

                                                                                                                Go to top

                                                                                                                Next

                                                                                                                7. Countermeasures and Mitigation Strategies