Explore the intricate world of Android malware in this 38-minute conference talk from the Hack In The Box Security Conference. Delve into the complex "Zen" campaign and other harmful Android apps, uncovering sophisticated techniques used by malware authors to monetize their creations. Learn about root access exploitation, fake Google account generation, click fraud, and spam apps. Discover how these malicious actors circumvent security measures, including CAPTCHA bypass and various persistence mechanisms. Gain insights into the evolution of Android malware, from simple app repackaging to advanced rooting trojans, and understand the challenges posed by improving Android security. Follow along as Łukasz Siewierski, a Reverse Engineer on the Android Security team at Google, breaks down the technical details and presents a timeline of the malware author's creations.