We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.

Accept and Close

Contact us

Ask a question?

If you want to know anything about the course, we’re here to help.


Go to the Codebreakers competition here

Mobile Malware Reverse Engineering

Course Overview

With almost everyone in the world owning a smartphone that effectively mixes the person’s private area and work lives, keeping systems intact has become a growing challenge for corporate IT security and SOC teams.

Mobile malware is often used in cyberattacks against organizations by both cybercriminals and sophisticated APT actors, so the ability to counter such attacks is crucial for corporate security teams.

The Mobile Malware Reverse Engineering training is based on Kaspersky’s vast experience in this field and authored by one of the leading experts on mobile malware – Victor Chebyshev. The course features static and dynamic analysis of some outstanding and unique malware samples like MagicKarakurt, LightSpy and the DuKong framework.

By taking this online course you will:

  • Learn advanced features of static analysis (permissions, strings, signature, resource files, decompilation of Dalvik bytecode)
  • Understand how to analyze mobile malware including Android and iOS samples
  • Learn how to analyze native libraries for Android and iOS statically, as well as advanced dynamic analysis with Frida framework.

You will immediately put your new knowledge to practice in our restricted virtual lab where you can safely reverse the dangerous malware samples we introduce you to.

Real-life targeted Android and iOS malware samples

We demonstrate static and dynamic reversing of infamous malware samples like MagicKarakurt and LightSpy for Android and iOS, and the DuKong framework. You’ll get a detailed view with comments from our expert of the samples you’re unlikely to find in any other course.

Master advanced tools and techniques

Watch as Victor shows you his skills and tricks in dynamic instrumentation, native API hooking, return value dumping, unpacking, function resolving using Ghidra plugins and more!

Lots of safe practice on malware samples

You’ll get 100 hours of access to the restricted virtual environment to securely practice reversing the samples and playing with them for your skill development.

All Levels



$890 inc. tax per learner   

Enroll my team
Request demo access

Training objectives

  • Understand how to analyze mobile malware including Android/iOS samples
  • Learn advanced static analysis or so-called surface analysis: permissions, strings, signature, resource files, decompilation of Dalvik bytecode
  • Learn how to analyze native libraries for Android and iOS statically using Ghidra
  • Learn advanced dynamic analysis using dynamic instrumentation with Frida


  • Basic knowledge of networking and programming concepts
  • Familiarity with x86/64 assembly language
  • Prior experience with IDA Pro
  • Basic knowledge of Python 3
  • Experience with Java programming is particularly helpful

Your course leader

Victor Chebyshev Profile

Victor Chebyshev

Security Researcher

Victor Chebyshev is a security researcher specializing in mobile targeted attacks, research and static reverse engineering.

Victor regularly provides customer training on these subjects and has presented his malware research at various cybersecurity conferences, like the SAS, the RSA Conference etc.

Who it's for


Corporate IT security managers
Mobile malware poses a significant threat to enterprise IT networks – in the course we show practical techniques to deal with them. The course is a great tool to upgrade your security team’s ability to counter various cyber threats.


Reverse engineers and SOC professionals
Mobile malware has its own unique features which attackers use in their activities. The knowledge gained on this course will take your professionalism to the next level.

How you'll learn


Guided video lectures
Learn from well-explained videos by a top expert on mobile malware, who shares his practical experience and hacks.

Virtual Lab

Hands-on virtual lab
Practice in our fully configured virtual lab to tinker with the malware samples and get the best of them.

Active Learning

Structured flow
The course is built around progressive learning with a consistent module framework. Each module is based on a specialist overview of each task, practical work in the virtual lab and detailed solution walk-throughs.


Benefits for you

Access Icon
6 months to complete your course from activation of your access code Bullet Tick
Pace Icon
Courses delivered in English with subtitles Bullet Tick
Course Duration
Self-guided learning that fits around your life Bullet Tick
Browser-based access to virtual lab
It will take you approximately 3.5 hours to watch the videos Bullet Tick
Downloads Icon
PDF downloads of training materials & tips Bullet Tick
Mobile Access
Learning environment
Browser-based via desktop, mobile & tablet (excludes virtual lab which requires an RDP client) Bullet Tick
Course Author
Course authors
Leading security researcher of mobile malware Bullet Tick
Guided Videos Icon
Guided videos
20+ videos to guide you through the course Bullet Tick
Virtual Lab Icon
Access to virtual lab
100 hours of virtual lab time for hands-on learning Bullet Tick
Technical Support Icon
Support & Feedback
Platform support and help from our subject matter experts is available by email 0900 - 1730 UK time on standard business days via help.kasperskyxtraining.com. Bullet Tick
Certification Icon
Certificate of completion
PDF document on a Kaspersky letterhead certifying the completion of the course, signed by the course leader(s) Bullet Tick

$890 inc. tax per learner   

Enroll my team
Request demo access