POSITIVE HACK DAYS



ORGANIZER

Program

Android Task Hijacking

Want to visit   +59

Authors: Yury Shabalin and Evgeny Blashko

Android Task Hijacking is an Android vulnerability that makes it possible to spoof any application using only standard mechanisms and requiring no specific permits. It does not require root access to the device, and Google easily let such applications to the Store. All applications on the device are vulnerable to spoofing including the system ones, because this vulnerability is on the system level. The speaker will tell about technical details, show how this vulnerability works, and share possible solutions.

  • Language
  • Russian

Yury Shabalin
Responsible for SDLC implementation in the context of source code audit and overall integration of application analysis tools into an integral development ecosystem. Previously worked with Alfa Bank and Positive Technologies in such areas as security audit, forensics, penetration testing, and implementation of a Secure Software Development Lifecycle (SSDL). A speaker at ZeroNights, RISSPA, OWASP.

Evgeny Blashko
Five years of experience in information security; three years, in development of applications for desktop and mobile operation systems. Engaged in analysis of source code and mobile application security at SberTech. Spoke at OWASP Russia.

Yury Shabalin and Evgeny Blashko Yury Shabalin and Evgeny Blashko

Back to the list