Android applications can be attacked in a multitude of ways. This workshop will give an introduction to some of the most popular attacks. It will explain how the attacks work in theory, demonstrate how they can be done in practice, with which tools, and discuss possible ways an app developer can protect against them.

The following attacks will be discussed:

Accessibility Service Abuse: How many strains of malware exfiltrate data from apps

Reverse Engineering: Understanding how a compiled application works to retrieve potential secrets it contains.

Repackaging: Modifying an application on disk to change its behavior.

Hooking: Modifying an application in memory to change its behavior.

Debugging: Using a debugger to observe and manipulate the execution of an application.

This hands-on workshop will give developers clear insight into the tools, methodologies, and techniques attackers use to break into apps and what techniques developers can implement quickly to defend against those attacks.