Matthias Frielingsdorf
Matthias Frielingsdorf leads the research team at iVerify. He previous worked on securing Deutsche Bahn’s Smartphones and Tablets and testing mobile security software and upcoming security products for T-Systems. He wrote his Master Thesis on iOS Exploit / Malware detection and has presented his research at conferences like BlackHat, OBTS and LabsCon. He trained more than 60 people on the detection of commercial spyware on iOS.
Matthias is passionate about all things related to iOS security. When he’s not playing basketball or games he loves to spend his time learning new things around iOS.
Session
My talk explores the trajectory of iOS spyware from the initial discovery of Pegasus in 2016 to the latest cases in 2024.
The talk will start with an analysis how exploits, infection vectors and methods of commercial spyware on iOS have changed over time.
The second section of the talk is all about advances in detection methods and the forensic sources which are available to discover commercial spyware. This talk will also include a Case Study about the discovery and analysis of BlastPass (one of the latest NSO Exploits).
The third part will discuss technical challenges and limitations of the detections methods and data sources.
Finally, I will conclude the talk with open research topics and suggestions what Apple or we could technically do to make the detection of commercial spyware better.