soFrida - Dynamic Analysis Tool for Mobile Apps with Cloud Backend

Abstract

Mobile app developers are increasingly using cloud services to implement features such as storage, push notifications, and user data analysis. Popular cloud services, including AWS, provide SDKs and credential keys that allow mobile apps to authenticate and be authorized to access cloud resources, so that developers can implement features by calling APIs. However, we identify a vulnerability: those credential keys can be obtained by attackers. In this demo, we will present how to steal cloud credential keys with soFrida, a dynamic analysis tool powered by Frida. With soFrida, security researchers or engineers can quickly collect Android APKs and analyze cloud vulnerabilities in Android apps, helping to prevent serious security incidents such as data leaks. We have discovered 2,700 potentially vulnerable mobile apps by using soFrida and are currently collaborating with the cloud service provider to eliminate security vulnerabilities. Detailed statistics can be found on our website: https://sofrida.github.io

Publication
In DEF CON 27 Demo Labs
Yeongjin Jang
Principal Software Engineer

My research interests include cybersecurity/hacking, automated vulnerability discovery/analysis, secure system design, and applied cryptography.