Development and forensic study of a ransomware for Android 8.1 devices
![Thumbnail](/dspace/bitstream/handle/2183/34157/XoveTIC_2023_proceedings_Parte33.pdf.jpg?sequence=5&isAllowed=y)
Use this link to cite
http://hdl.handle.net/2183/34157
Except where otherwise noted, this item's license is described as Attribution 4.0 International (CC BY 4.0)
Metadata
Show full item recordTitle
Development and forensic study of a ransomware for Android 8.1 devicesDate
2023Abstract
[Abstract] The world of technology is under attack all the time. The reasons for this range
from economic to political and, as a result, there is a need for global awareness of the risks
involved. With this, there is also a need for continuous training of cybersecurity professionals.
Of all the attacks that cause the most damage to society, especially in the economic sphere,
ransomware is the one that leads the ranking. This fact defined the first objective of the Master’s
thesis presented in this article: the design of a mobile ransomware for devices with Android 8.1
operating system. The aim was to investigate the functioning of ransomware-type viruses at a
low level, as well as other related aspects. From the first objective arose the second: to carry out
computer forensic studies targeting the previously designed virus. These reports are intended
to be used for educational purposes, serving as a procedural guide for university professors or
professionals in the sector who are interested in virus forensics.
Both objectives were successfully achieved. A ransomware virus was developed, hidden behind
a so-called image gallery application. It encrypts certain images on the victim device and sends
the encryption key to its own remote server. In addition, two forensic reports were produced in
accordance with the appropriate standards. In these reports, each step of the virus analysis was
explained in detail. A range of alternative tools to be used by the analyst during the analysis
was also included
Keywords
Ransomware
Android
Computer Forensics Report
Encryption
Malware
Informe forense informático
Cifrado
Android
Computer Forensics Report
Encryption
Malware
Informe forense informático
Cifrado
Description
Cursos e Congresos, C-155
Editor version
Rights
Attribution 4.0 International (CC BY 4.0)