Mudit Jaiswal Relatore

Mudit Jaiswal is a well seasoned ethical hacker with 7+ years of experience in most avenues of cybersecurity. His wide expertise in VAPT, Red Teaming and his keen interests in understanding financial frauds such as Payment Bypasses, Credit Card Frauds and Business logic exploits has made a highly sought out engineer for numerous companies dealing with critical infrastructure such as Telecom, Finance, Banking and Payment Gateways. Spending most of his research time on exploiting mobile applications and operating systems, his day job includes finding and exploiting technical and logical vulnerabilities in Android applications as well as unveiling new techniques used by blackhat hackers to carry out financial attacks on global organisations. Currently, he works at one of the biggest banks as an Application Security Engineer, where he works closely with product architects and developers in fixing such use cases that generally are not part of standard VAPT exercises. Mudit, after completing his Bachelors in Computer Applications, is now pursuing his masters while holding security certifications such as OSCP as well. In off time, he also enjoys playing CTFs and Bug Bounties, winning him accolades in numerous security conferences.
  • Defeating Modern Android Security Measures - Custom Kernels and Anti-Frida This talk aims to explore and understand the various security measures provided by the latest Android OS version (13/14) such as SafetyNet, Google Play Integrity, Device Fingerprint Blacklisting, Anti Objection/Frida modules and ROM integrity checks utilised by sophisticated Financial and Banking Android Applications. First we will discuss the conventional methods used by hackers to bypass hindrances such as Root Checks and SSL pinning which generally involve injecting custom code in runtime with tools such as Magisk, Frida, Objection, Xposed Framework etc. These techniques however do not work on the latest Android versions and we will understand how the advanced security measures detect such techniques. We will then deep dive into novel techniques used by malicious hackers in the wild to defeat such measures. This will cover using Custom Kernels, Custom Recovery images and new frameworks to inject malicious modules into Android and patch the Kernel sneakily to bypass modern detections. We will then discuss how these frameworks can be used to weaponize our attacks and bypass certificate checks to gain complete API level interception. We will showcase our case studies and PoCs where we were able to bypass Root Check and SSL Pinning for sophisticated Banking and Telecom applications on the latest Android versions while utilizing lesser known tools such as KernelSU, Tai Chi, LSposed, Orange Recovery, etc which are used in the blackhat community for carrying out financial frauds and targeted logical attacks on widely used applications. Finally we will talk about numerous tricks and tips developers can use to make the life of hackers more difficult. - 15:15/16:00, 08 Jun 2024