Discovering CovidLock
Abstract
In this paper the authors show the breadth of Coronavirus-themed maliciousness and how they prioritised their hunting across such a large influx of malicious infrastructure to discover CovidLock, a novel Android-based screen locker malware. A full technical analysis of CovidLock and its functions provides a basis for analysing other Android malware. This full-depth paper will show everything from hunting automation and prioritisation techniques to the reversing of the malicious application.
The full article is available to subscribers to the journal.
Author's Biography
Chad Anderson is a senior security researcher. His background is in security-focused operations with an emphasis on automation, but his interests lie across the board in the security space spanning both blue and red team operations and everything in between. In his current role he focuses on automating threat hunting techniques across adversary infrastructure to improve analyst efficiency.
Tarik Saleh is a senior malware researcher. He has been a technology hobbyist since he got his first computer at age 10 and has over ten years’ experience in information security in various blue-team roles such as leading a threat hunting team, incident response and security operations. He has worked in the security space for enterprise companies such as DomainTools, Amazon and Expedia.
Sean M. McNee is the director of research at DomainTools. His work focuses on domain registration and domain name system (DNS) data analysis, machine learning and visual analytics. He looks for ways to make the Internet a better place. He received his PhD from the University of Minnesota and was a winner of the 2010 ACM Software Systems Award.