Abstract: Wind Vision is a streaming service offered by one of the top telecommunication vendors in Greece. It has over 40.000 active subscribers, who can download the Android application and watch TV from anywhere. ...And so could a malicious third party, by exploiting a series of vulnerabilities to go from one wrong click by the user to complete takeover of their account.

This talk will present the findings of independent research conducted during lockdown, which led to the discovery of several low-impact bugs that, when chained together, result in a much greater attack. We will dive deep into the analysis of the vulnerabilities, discussing the common mobile development pitfalls and the psychology behind confusing prompts. Wind Vision subscribers among the attendees will also have the chance to install the demo Proof of Concept malware application that was developed (it's safe - promise), to see for themselves how the full chain works. Mobile developers will gain insight into how to prevent such attacks, allowing them to create apps that are fun, but also keep their users' watchlists safe.

Finally, we will close with a review of the disclosure process, the aftermath of resolution, and other lessons learned that will hopefully set you on the right path for researching and finding vulnerabilities in everyday products.

References:
https://labs.f-secure.com/blog/wind-vision-writeup
https://labs.f-secure.com/advisories/wind-vision

Bio: I had a genuine interest in offensive security ever since the first years of university. Amazed with the exciting and original assignments for the relevant course, it wasn't long before I landed my first job in the infosec industry, which brought me to sunny Cyprus, where I learned a lot, attended conferences and earned certifications. Nowadays, I live in the fascinating, though less sunny city of Manchester in the UK, working as a security consultant at F-Secure, which I followed and admired from the MWR years.
Beyond helping clients globally keep their web, mobile and network infrastructure safe, this position has also allowed me to perform lots of research, which resulted in several CVEs for well-known products by companies like Cisco and Xiaomi.