{"title":"对挂钩式安卓恶意软件的取证分析","authors":"Dominic Schmutz, Robin Rapp, Benjamin Fehrensen","doi":"10.1016/j.fsidi.2024.301769","DOIUrl":null,"url":null,"abstract":"<div><p>This publication presents a thorough forensic investigation of the banking malware known as Hook, shedding light on its intricate functionalities and providing valuable insights into the broader realm of banking malware. Given the persistent evolution of Android malware, particularly in the context of banking threats, this research explores the ongoing development of these malicious entities. In particular, it emphasizes the prevalent “malware as a service” (MaaS) model, which engenders a competitive environment where malware developers continually strive to enhance their capabilities. Consequently, this investigation serves as a vital benchmark for evaluating the current state of banking MaaS capabilities in July 2023, enabling researchers and practitioners to gauge the advancements and trends within the field.</p></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0000,"publicationDate":"2024-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S266628172400088X/pdfft?md5=194dd9b7991e93a51071b247dc3d33ac&pid=1-s2.0-S266628172400088X-main.pdf","citationCount":"0","resultStr":"{\"title\":\"Forensic analysis of hook Android malware\",\"authors\":\"Dominic Schmutz, Robin Rapp, Benjamin Fehrensen\",\"doi\":\"10.1016/j.fsidi.2024.301769\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>This publication presents a thorough forensic investigation of the banking malware known as Hook, shedding light on its intricate functionalities and providing valuable insights into the broader realm of banking malware. Given the persistent evolution of Android malware, particularly in the context of banking threats, this research explores the ongoing development of these malicious entities. In particular, it emphasizes the prevalent “malware as a service” (MaaS) model, which engenders a competitive environment where malware developers continually strive to enhance their capabilities. Consequently, this investigation serves as a vital benchmark for evaluating the current state of banking MaaS capabilities in July 2023, enabling researchers and practitioners to gauge the advancements and trends within the field.</p></div>\",\"PeriodicalId\":48481,\"journal\":{\"name\":\"Forensic Science International-Digital Investigation\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":2.0000,\"publicationDate\":\"2024-05-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://www.sciencedirect.com/science/article/pii/S266628172400088X/pdfft?md5=194dd9b7991e93a51071b247dc3d33ac&pid=1-s2.0-S266628172400088X-main.pdf\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Forensic Science International-Digital Investigation\",\"FirstCategoryId\":\"3\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S266628172400088X\",\"RegionNum\":4,\"RegionCategory\":\"医学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Forensic Science International-Digital Investigation","FirstCategoryId":"3","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S266628172400088X","RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
This publication presents a thorough forensic investigation of the banking malware known as Hook, shedding light on its intricate functionalities and providing valuable insights into the broader realm of banking malware. Given the persistent evolution of Android malware, particularly in the context of banking threats, this research explores the ongoing development of these malicious entities. In particular, it emphasizes the prevalent “malware as a service” (MaaS) model, which engenders a competitive environment where malware developers continually strive to enhance their capabilities. Consequently, this investigation serves as a vital benchmark for evaluating the current state of banking MaaS capabilities in July 2023, enabling researchers and practitioners to gauge the advancements and trends within the field.