2 May 2019
Channel «Android Security & Malware» created
Channel photo changed
A
10:35
Android Security & Malware
Android Security Monthly Recap #4

-Xiaomi vulnerabilities
-insecure financial apps
-stalkware
-spyware
-leaked source code
-Clickers, Adware, Banking Trojans, Ransomware and Phishing apps on Google Play
-hidden feature of your Samsung Calc
+3 bonuses
https://lukasstefanko.com/2019/05/android-security-monthly-recap-april-2019.html
A
11:07
Android Security & Malware
A
14:51
Android Security & Malware
Chinese authorities are using a mobile app to carry out illegal mass surveillance and arbitrary detention of Muslims https://www.hrw.org/video-photos/interactive/2019/05/02/china-how-mass-surveillance-works-xinjiang
14:54
This blog post is about examining an Android security patch and understanding how it mitigates the vulnerability https://blog.quarkslab.com/android-application-diffing-cve-2019-10875-inspection.html
14:56
Chrome on Android: Phishing attackers can now trick you with fake address bar https://jameshfisher.com/2019/04/27/the-inception-bar-a-new-phishing-method/
15:01
Bug Bounty Hunting Tips #2 — Target their mobile apps (Android Edition) https://link.medium.com/zgBpttKSmW
A
15:35
Android Security & Malware
Android App Reverse Engineering 101 https://maddiestone.github.io/AndroidAppRE/
3 May 2019
A
03:14
Android Security & Malware
A
08:29
Android Security & Malware
There are currently 14 distinct categories of Potentially Harmful Applications (PHAs) designed by Google https://developers.google.com/android/play-protect/phacategories
A
12:29
Android Security & Malware
AndroidProjectCreator converts the APK to an Android Studio project. https://maxkersten.nl/projects/androidprojectcreator/
A
13:44
Android Security & Malware
3 things you should be doing when you pentest an Android application https://link.medium.com/4vYR1UbsoW
A
19:28
Android Security & Malware
Not cool. At least it explains why it needs location services.
4 May 2019
A
12:21
Android Security & Malware
Honda Insight in 2019 runs Android 6 from 2015
5 May 2019
A
08:01
Android Security & Malware
Two vulnerabilities in Android-based smart-TVs from Sony, including the flagship Bravia line, could allow attackers to access WiFi passwords and images stored on the devices. https://threatpost.com/android-sony-smart-tvs/144133/
08:10
Twitter Lite (Android): Vulnerable to local file steal, JavaScript injection, open redirect. https://hackerone.com/reports/499348
6 May 2019
A
10:49
Android Security & Malware
April 2019 mobile malware review from Doctor Web

https://news.drweb.com/show/review/?lng=en&i=13278
A
13:35
Android Security & Malware
Security Steps You Should Take After Buying a Second-Hand Phone https://www.android.gs/possible-security-threats-you-might-face-when-using-a-second-hand-smartphone
7 May 2019
A
06:34
Android Security & Malware
Dynamic binary instrumentation tool designed for Android applications and powered by Frida. It disassembles DEX, analyzes it, can generate hooks, stores intercepted data automatically and does new things from it... https://github.com/FrenchYeti/dexcalibur
A
18:44
Android Security & Malware
Google announces a new way for delivering Android security updates for core OS components. https://www.zdnet.com/google-amp/article/google-io-14-android-os-modules-to-get-over-the-air-security-updates-in-real-time/
18:47
These are all the major security features Google added in Android over the years.

Today, at I/O, it said it added 50 new features and improvements to privacy and security settings, which it described as "the main focus of this release." via @campuscodi
8 May 2019
A
05:33
Android Security & Malware
How my bug bounty hunt turned into Android malware analysis https://daddycocoaman.dev/posts/bug-bounty-adventures-this-is-the-wrong-porn/
A
08:01
Android Security & Malware
UC Browser for Android is Vulnerable to URL Spoofing Attack

▪️UC Browsers have 600M+ installs on Google Play
▪️This vulnerability can be explained by phishing attack
▪️PoC: google.com.evil.com/?q=www.paypal.com
▪️Not fixed yet
▪️Discovered by @payloadartist

Details: https://www.andmp.com/2019/05/advisory-unpatched-url-address-bar-vulnerability-in-latest-versions-of-UC-browers.html
A
08:41
Android Security & Malware
Latest OWASP Mobile Security Testing Guide (v1.1.1) released today.
Lots of new stuff. Particularly for iOS (+30%). https://github.com/OWASP/owasp-mstg
A
09:39
Android Security & Malware
1-click HackerOne account takeover on all Android devices - a bug that allowed dumping history from all Chromium-based browsers. https://hackerone.com/reports/563870
9 May 2019
A
09:01
Android Security & Malware
Mobile zero-day vulnerabilities are worth more than Windows.
We walk around with perfect espionage devices in our pockets and bad actors are aware of it.
09:02
A
09:30
Android Security & Malware
The apps bundled with many Android phones are presenting threats to security and privacy greater than most users think.
They found that everyone from the hardware builders to mobile carriers and third-party advertisers were loading products up with risky code (PDF). https://arxiv.org/pdf/1905.02713.pdf
A
12:07
Android Security & Malware
Gartner evaluates a number of operating systems and device implementations including Android. Android 9 received strong ratings in 26 of 30 categories, including 12 of the 13 categories in the corp-managed section.
https://www.blog.google/products/android-enterprise/android-enterprise-security-assessed-gartner/
A
18:35
Android Security & Malware
If you have a Qualcomm Telecome app that tries to send SMS, remove it.

How: Go to Settings -> Apps, search for the Qualcomm Telecome app and check if it requests SMS permission. If so, uninstall it.
This app was found on Pixel 2XL, Pixel 3XL and OnePlus 5 once updated to Android 9.
10 May 2019
A
08:31
Android Security & Malware
South Africa Has Second Most Android Banking Malware Attacks As Cyber Crime Increases

▪️Android smartphones in South Africa are the second-most targeted for banking malware
▪️There are 13,842 cyber attacks per day in Africa’s most sophisticated economy
https://sabric.co.za/media-and-news/press-releases/digital-banking-crime-statistics/
A
10:29
Android Security & Malware
A popular GPS tracker — used as a panic alarm for elderly patients, to monitor kids, and track vehicles — contains security flaws that could leak real-time locations and can remotely activate its microphone.

▪️Device has integrated SIM card but without internet connectivity
▪️If not properly secured (not by default), it can receive SMS commands from anyone
https://techcrunch.com/2019/05/10/gps-trackers-flaw/
A
13:38
Android Security & Malware
Quick overview of "secure messaging apps"
11 May 2019
A
07:13
Android Security & Malware
In Android Q beta 3 apps running in the background can no longer launch activities.
However, users can disable this feature in developer options by turning on "Allow background activity starts."
Because of that, malware could allow it via Accessibility services. https://www.androidpolice.com/2019/05/08/background-apps-can-no-longer-launch-activities-in-android-q-beta-3/
A
19:13
Android Security & Malware
APKiD (new release) gives you information about how an APK was made.
It identifies many compilers, packers, obfuscators, and other weird stuff. It's PEiD for Android.
https://github.com/rednaga/APKiD/blob/master/README.md
A
19:44
Android Security & Malware
Great feature on iOS 12
12 May 2019
A
17:06
Android Security & Malware
Local DoS on all Samsung phones with PoC https://link.medium.com/IhXHrKKCDW
A
17:25
Android Security & Malware
Hacking Public Warning System in LTE Mobile Network
https://t.co/pv7EUmYTa0?amp=1
13 May 2019
A
03:59
Android Security & Malware
04:01
3 fake apps found on Google Play Store. Their goal is to steal text messages and set themselves as the default SMS app. If you have them installed, uninstall them!
A
05:36
Android Security & Malware
T
The Bug Bounty Hunter 13.05.2019 05:30:01
Pentesting Android applications by reversing and finding attack surfaces
https://blog.usejournal.com/an-intro-to-pentesting-an-android-phone-464ec4860f39
A
12:15
Android Security & Malware
A
16:06
Android Security & Malware
A
17:09
Android Security & Malware
Four Main Mobile Payment Models and their security
https://2muchcoffee.com/blog/paying-with-your-mobile-phone-types-and-models/
A
18:19
Android Security & Malware
“If you used more than one account on Twitter for iOS and opted into using the precise location feature in one account, we may have accidentally collected location data when you were using any other account(s) on that same device for which you had not turned on the precise location feature,” Twitter said
https://threatpost.com/twitter-leaked-ios-users-location/144687/
18:34
Android app "Ever - Capture Your Memories" with 1M+ installs.

What began in 2013 as another cloud storage app has pivoted toward a far more lucrative business known as Ever AI — without telling the app’s millions of users.
https://www.nbcnews.com/tech/security/millions-people-uploaded-photos-ever-app-then-company-used-them-n1003371
14 May 2019
A
02:23
Android Security & Malware
Update WhatsApp!

WhatsApp just fixed a vulnerability that allowed malicious actors to remotely install spyware on affected phones, and an unknown number reportedly did so with a commercial-grade snooping package usually sold to nation-states.
https://techcrunch.com/2019/05/13/whatsapp-exploit-let-attackers-install-government-grade-spyware-on-phones/
A
06:13
Android Security & Malware
A Korean-speaking hacking group in operation since at least 2016 is expanding its arsenal of hacking tools to include a Bluetooth-device harvester in a move that signals the group’s growing interest in mobile devices.
https://arstechnica.com/information-technology/2019/05/korean-speaking-hackers-add-bluetooth-harvester-to-its-tool-arsenal/
A
09:37
Android Security & Malware
Android & iOS app "Call India - IntCall" allows anyone to register any phone number without OTP verification

This means that anyone can make calls spoofing any phone number.

This concerns only users from #India 🇮🇳
The app hasn't been updated since 2014.
https://www.news18.com/amp/news/tech/this-android-calling-app-presents-a-huge-threat-but-is-still-guarded-by-a-high-rating-2140363.html?__twitter_impression=true
A
15:59
Android Security & Malware
[technical analysis of WhatsApp vulnerability]

Vulnerable RTCP module is called before the WhatsApp voice call is answered - 0 click RCE.
https://research.checkpoint.com/the-nso-whatsapp-vulnerability-this-is-how-it-happened/
A
17:58
Android Security & Malware
U.S. immigration cops just spent $1 Million on iPhone hacking equipment.

GrayKey, previously described as the world’s best iPhone hacking tech for police and intelligence agents, allowing them to break passcodes and retrieve information from inside Apple devices.
https://www.forbes.com/sites/thomasbrewster/2019/05/08/immigration-just-spent-a-record-1-million-on-the-worlds-most-advanced-iphone-hacking-tech/
15 May 2019
A
11:54
Android Security & Malware
The simple reality is there are so many 0-day exploits for iOS and the only reason why just a few attacks have been caught in the wild is that iOS phones by design hinder defenders from inspecting the phones.

So, if someone says there is no malware on iOS - it's not true - because there is no simple way to prove there was malware.
https://www.vice.com/en_us/article/pajkkz/its-almost-impossible-to-tell-if-iphone-has-been-hacked
16 May 2019
A
04:51
Android Security & Malware
Google Play already scans apps for security issues!

In App Security Improvement program since 2015.
The program has helped more than 300,000 developers to fix more than 1,000,000 apps on Google Play. In 2018 alone, the program helped over 30,000 developers fix over 75,000 apps.
https://developer.android.com/google/play/asi
A
06:36
Android Security & Malware
Under the order that will take effect in the coming days, Huawei will need a U.S. government license to buy American technology.
In August, Trump signed a bill that barred the U.S. government itself from using equipment from Huawei and ZTE.
https://www.reuters.com/article/us-usa-china-huaweitech/chinas-huawei-70-affiliates-placed-on-u-s-trade-blacklist-idUSKCN1SL2W4
A
17:39
Android Security & Malware
17 May 2019
A
04:24
Android Security & Malware
19 May 2019
A
05:17
Android Security & Malware
Account takeover prevention

We found that an SMS code sent to a recovery phone number helped block 100% of automated bots, 96% of bulk phishing attacks, and 76% of targeted attacks. On-device prompts, a more secure replacement for SMS, helped prevent 100% of automated bots, 99% of bulk phishing attacks and 90% of targeted attacks.
https://security.googleblog.com/2019/05/new-research-how-effective-is-basic.html?m=1
A
13:26
Android Security & Malware
Analysis of UC Browser bug that could run unverified code.

Vulnerability in UC Browser could distribute and launch malicious libraries. These libraries will work in the context of the browser, resulting in full system privileges that the browser has.
https://m.habr.com/en/company/drweb/blog/452076/
A
16:08
Android Security & Malware
Google has stopped providing Huawei with hardware and software products.
In other words, while Huawei can still use Android itself, most proprietary services will be inaccessible — including the Google Play Store, Gmail, and presumably anything else that requires the closed-source Play Services Framework.
https://www.androidpolice.com/2019/05/19/huaweis-future-phones-reportedly-wont-have-access-to-google-services-including-the-play-store/
A
16:51
Android Security & Malware
In reply to this message
This means that Huawei loses Android updates and all their users access to Google Play Store.
20 May 2019
A
02:22
Android Security & Malware
Over 19 Android vulnerability reports in one place
https://twitter.com/fs0c131y/status/1129680329994907648
A
03:04
Android Security & Malware
Asacube source code - Android banking botnet - is available for free with a video tutorial on how to use it.

The back-end can build custom malicious APKs + generate a landing page without any coding skill required.

Based on the tutorial, anyone can build a custom Android banking Trojan within 30 minutes.
A
03:51
Android Security & Malware
Existing Huawei users will not lose Google services such as Google Play and the security protections from Google Play Protect.
A
10:53
Android Security & Malware
Aggressive adware with 5M+ installs. App also contains fake reviews.
Discovered by Nikolaos Chrisaidos.
10:56
VidMate - Chinese video app with 500M+ installs is charging people, draining their batteries, and exposing data without their knowledge.
https://www.buzzfeednews.com/article/craigsilverman/vidmate-app-download
A
16:31
Android Security & Malware
Facebook Messenger Bug in Android

An attacker is able to send media messages on behalf of other users on Facebook Messenger
https://bugreader.com/kbazzoun@sending-message-on-behalf-of-other-users-72
21 May 2019
A
06:26
Android Security & Malware
Everyone should read this sad story.

Real victim of SIM swapping lost $100K from Coinbase within 24h.

This happened not because of malware, but as a result of sharing too much personal information on social media that ended up in intelligence gathering for a targeted attack.
https://t.co/Tu1ML9QGDi
A
06:45
Android Security & Malware
SIM swapping attack scenario.
Don't use SMS 2-factor authentication; use a software key generator instead.
A
18:06
Android Security & Malware
New release of Kali NetHunter 2019.2 (Kali for Android).

NetHunter now supports over 50 devices running all the latest Android versions, from KitKat through to Pie.
https://www.kali.org/news/kali-linux-2019-2-release/
22 May 2019
23 May 2019
A
03:00
Android Security & Malware
Objection - Runtime Mobile Exploration toolkit without need for a jailbroken or rooted mobile device.
Supports iOS & Android while powered by Frida.
https://github.com/sensepost/objection
A
07:05
Android Security & Malware
Phishing "Trezor Mobile Wallet" app found on Google Play; it pops up as the second search result.

This fake Trezor is also connected to the "Coin Wallet" service, which was another cryptocurrency wallet on Google Play with over 1,000 installs using the same source code and server.
https://www.welivesecurity.com/2019/05/23/fake-cryptocurrency-apps-google-play-bitcoin/
24 May 2019
A
05:41
Android Security & Malware
For more than a year, mobile browsers like Google Chrome, Firefox, and Safari failed to show any phishing warnings to users, according to a research paper published this week.
https://www.zdnet.com/article/mobile-chrome-safari-and-firefox-failed-to-show-phishing-warnings-for-more-than-a-year/
28 May 2019
A
08:41
Android Security & Malware
Rather use your charging adapter than USB charging stations.

“Let’s say I’m a bad guy. I go into an airport. I’m not going to easily take apart the charging station but it’s easy to just leave my cord behind. Now, if you see an Apple charging cord, you’re likely to grab it or just plug into it. But inside this cord is an extra chip that deploys the malware, so it charges your phone but now I own your computer.”
https://www.forbes.com/sites/suzannerowankelleher/2019/05/21/why-you-should-never-use-airport-usb-charging-stations/
A
20:25
Android Security & Malware
The DuckDuckGo Privacy Browser application 5.26.0 for Android allows address bar spoofing via a setInterval call
https://www.inputzero.io/2019/05/duckduckgo-address-bar-spoofing.html
31 May 2019
A
03:46
Android Security & Malware
How to start with reverse engineering of ARM http://www.giovanni-rocca.com/i-want-to-be-an-arm-reverse-engineer/
A
17:38
Android Security & Malware
Fake Antivirus app found on Google Play
https://blog.trustlook.com/security-app-rreview-lionmobi/
1 June 2019
A
10:43
Android Security & Malware
3 June 2019
A
17:19
Android Security & Malware
Top Android malware threats - May 2019 http://skptr.me/malware_timeline_2019.html
4 June 2019
A
05:53
Android Security & Malware
5 June 2019
A
03:49
Android Security & Malware
Lookout has discovered 238 unique applications that include BeiTaPlugin adware with over 440 million installations on Google Play
https://blog.lookout.com/beitaplugin-adware
6 June 2019
A
02:43
Android Security & Malware
The idea of the new system is to turn Apple’s existing network of iPhones into a massive crowdsourced location tracking system. Every active iPhone will continuously monitor for BLE beacon messages that might be coming from a lost device. When it picks up one of these signals, the participating phone tags the data with its own current GPS location; then it sends the whole package up to Apple’s servers.
https://blog.cryptographyengineering.com/2019/06/05/how-does-apple-privately-find-your-offline-devices/amp/
A
07:12
Android Security & Malware
Don't install these apps, they are still available on Google Play. These apps display unwanted after user unlocks device and hide from home menu.
These apps mostly impersonate Camera/Photo editor applications.
Source: https://twitter.com/LukasStefanko/status/1136568939239137280?s=19
A
11:11
Android Security & Malware
Talk about 10 different Android malware families discovered on Google Play + analysis on Anubis Banking Trojan
https://youtu.be/4oSuv-kXWJI
A
14:16
Android Security & Malware
PHONES INFECTED WITH BACKDOOR TROJAN
Impacted models include the Doogee BL7000, the M-Horse Pure 1, the Keecoo P11, and the VKworld Mix Plus.
https://www.zdnet.com/article/germany-backdoor-found-in-four-smartphone-models-20000-users-infected/
7 June 2019
A
04:22
Android Security & Malware
Preinstalled backdoor - Triada - found in Android devices.

Triada infects device system images through a third-party during the production process. Sometimes OEMs want to include features that aren’t part of the Android Open Source Project, such as face unlock. The OEM might partner with a third-party that can develop the desired feature and send the whole system image to that vendor for development.
https://security.googleblog.com/2019/06/pha-family-highlights-triada.html
8 June 2019
A
07:05
Android Security & Malware
“Digging Android Applications — Part 1 — Drozer + Burp” by Yasho https://link.medium.com/gVswDFdKlX
A
08:59
Android Security & Malware
Anubis Android Bank Trojan technical analysis and recent activities summary (Chinese)
https://ti.qianxin.com/blog/articles/anubis-android-bank-trojan-technical-analysis-and-recent-activities-summary/
9 June 2019
A
07:39
Android Security & Malware
Many unofficial Telegram apps could be remotely controlled
https://link.medium.com/FfLwZsvrnX
10 June 2019
A
03:08
Android Security & Malware
Mobile phishing toolkit remotely controlled by an app
https://github.com/UndeadSec/SocialFishMobile
A
06:51
Android Security & Malware
Anubis downloader found on Google Play with 1,000+ installs.
Info: https://twitter.com/0xabc0/status/1137988063244763136?s=19 via @0xabc0
A
13:51
Android Security & Malware
Overview of 4 techniques used by Android malware to detect the name of the launched app.
+ how developers can protect their apps against one of these techniques.
https://eybisi.run/Mobile-Malware-Analysis-Overlay-and-How-to-Counter-it/
A
17:52
Android Security & Malware
How to get payload of obfuscated Gustuff malware using Frida & Strace
http://skptr.me/dealing_with_obfuscated_malware_like_gustuff.html
11 June 2019
A
02:16
Android Security & Malware
PhoneSploit - ADB tools in one place + additional features
https://github.com/Zucccs/PhoneSploit/blob/master/README.md
12 June 2019
A
09:34
Android Security & Malware
Trojan downloader found on Google Play by @Maler360

-once launched, hides its icon
-downloads additional app over HTTP
-makes user install it
-second app can then download additional apps & make user install them as "Update Alert" + display ads
-100,000+ installs
-reported

Video demo: https://twitter.com/LukasStefanko/status/1138764352411131905
13 June 2019
A
02:16
Android Security & Malware
iOS Kernel Fuzzing - Finding Bugs/Vulnerabilities in iOS via IOKit Fuzzing https://youtu.be/Psm_mCJXH-8
A
04:21
Android Security & Malware
T
The Bug Bounty Hunter 12.06.2019 11:06:25
Yaazhini - Free Android APK & API Vulnerability Scanner https://www.vegabird.com/yaazhini/
A
06:07
Android Security & Malware
Android app - La Liga - spied on football fans

According to reports, audio recorded through the Android smartphone’s microphone was combined with GPS location data in an attempt to determine if bars and restaurants were airing live matches without a license.
https://hotforsecurity.bitdefender.com/blog/la-liga-fined-e250000-after-android-app-spied-on-football-fans-21332.html
A
11:21
Android Security & Malware
Four more apps with 220,000+ installs were lately available on Google Play with the functionality to download and make the victim install additional apps + display unwanted ads.

This one is still there, found by @m0br3v
A
17:42
Android Security & Malware
6 MUST HAVE TOOLS FOR YOUR IOS PENTESTING TOOLKIT
https://payatu.com/6-must-tools-ios-pentesting-toolkit/
14 June 2019
A
01:51
Android Security & Malware
Methodology for penetration testing and security assessment.
https://github.com/aungthurhahein/Red-Team-Curation-List/blob/master/README.md
A
02:48
Android Security & Malware
A
05:15
Android Security & Malware
Apps on Google Play pushed fraudulent notifications through browser
https://news.drweb.com/show/?i=13313&lng=en
15 June 2019
A
07:48
Android Security & Malware
Solution to Access iOS and High-End Android Devices

Bypass or determine locks and perform a full file system extraction on any iOS device and on many high-end Android devices.
https://www.cellebrite.com/en/ufed-premium/
17 June 2019
A
02:50
Android Security & Malware
Mobile Stalkware industry research - a predator in your pocket
https://citizenlab.ca/docs/stalkerware-holistic.pdf
A
06:56
Android Security & Malware
New technique to bypass SMS permission restriction on Google Play to obtain 2FA & OTP codes.
It intercepts SMS notifications.
Discovered fake cryptocurrency exchanges with such functionality on Play Store.
https://www.welivesecurity.com/2019/06/17/malware-google-permissions-2fa-bypass/
A
09:47
Android Security & Malware
Samsung advises its users to scan their TVs for malware.
https://twitter.com/SamsungSupport/status/1140409768743452672
A
11:33
Android Security & Malware
Running iOS in QEMU to an interactive bash shell (1): tutorial
https://alephsecurity.com/2019/06/17/xnu-qemu-arm64-1/
A
15:34
Android Security & Malware
Apparently it's still working
http://imgur.com/a/tKarLNp
18 June 2019
A
09:37
Android Security & Malware
Mobile Cyberespionage Campaign ‘Bouncing Golf’ Affects Middle East

Over 660 Android victims infected via malicious websites promoted on social media. The main goal was espionage.
https://blog.trendmicro.com/trendlabs-security-intelligence/mobile-cyberespionage-campaign-bouncing-golf-affects-middle-east/
19 June 2019
A
17:38
Android Security & Malware
QR code app on Google Play with over 1,000,000 installs requests $100 trial payment
https://www.androidpolice.com/2019/06/18/qr-code-app-on-play-store-ripping-people-off-for-100-through-shady-trial-scheme/
22 June 2019
A
18:40
Android Security & Malware
Malicious photo editor app found on Google Play with 10K+ installs

The malware signed users up for an unwanted subscription and intercepted SMS verification codes by having access to notifications.
https://www.kaspersky.com/blog/malicious-camera-app/27391/
A
19:09
Android Security & Malware
Mobile cryptojacking and related abuse
https://t.co/I40ye67huy (pdf)
23 June 2019
A
04:15
Android Security & Malware
A
10:26
Android Security & Malware
Microsoft Outlook for Android Open to XSS Attacks

The attacker who successfully exploited this vulnerability could then perform cross-site scripting attacks on the affected systems and run scripts in the security context of the current user.
https://threatpost.com/microsoft-outlook-android-xss/145924/
A
13:49
Android Security & Malware
New cryptocurrency-mining botnet malware arrives via open ADB (Android Debug Bridge) ports and can spread via SSH
https://blog.trendmicro.com/trendlabs-security-intelligence/cryptocurrency-mining-botnet-arrives-through-adb-and-spreads-through-ssh/
24 June 2019
A
06:02
Android Security & Malware
Frida Android unpack

Script for Android O and Android P to get unpacked DEX file from memory.
https://github.com/xiaokanghub/Frida-Android-unpack/blob/master/README.md
A
16:43
Android Security & Malware
25 June 2019
A
10:09
Android Security & Malware
Don't hack mobile devices, hack cell network providers to conduct targeted surveillance on individuals of interest.
At least 10 cell networks have been hacked over the past 7 years.
https://techcrunch.com/2019/06/24/hackers-cell-networks-call-records-theft/
10:23
Another mobile banking Trojan family - Riltok

This demonstrates that misuse of Accessibility services by Android banking malware is a common feature now.
https://securelist.com/mobile-banker-riltok/91374/
26 June 2019
A
02:25
Android Security & Malware
The story of an Android application called MFSocket, a new monitoring tool made in China.
https://medium.com/@fs0c131y/mfsocket-a-chinese-surveillance-tool-58e8850c3de4
A
08:28
Android Security & Malware
Tracing the Supply Chain Attack on Android

Who is behind the supply chain attack that resulted in malicious software being pre-installed on millions of new budget Android devices?
https://krebsonsecurity.com/2019/06/tracing-the-supply-chain-attack-on-android-2/
A
09:22
Android Security & Malware
ViceLeaker Operation: mobile espionage targeting Middle East

This campaign is mostly spread via Telegram and WhatsApp channels by posting Trojanized Android apps - Sex Game, Psiphon, English Story book...
https://securelist.com/fanning-the-flames-viceleaker-operation/90877/
A
10:02
Android Security & Malware
Apple Watch Forensics: Analysis

▪️Analyzing backups of a paired iPhone
▪️Extracting data from Apple Watch
▪️Device Information and the list of installed apps
▪️Extracting device logs
▪️Cloud acquisition
https://blog.elcomsoft.com/2019/06/apple-watch-forensics-02-analysis/
A
10:59
Android Security & Malware
EvilParcel vulnerabilities analysis

Android malware that exploits the EvilParcel vulnerabilities is granted higher privileges and can:

▪️install and remove applications
▪️infect software installed on the device and replace clean originals with infected copies
▪️reset the lock screen PIN
https://habr.com/en/company/drweb/blog/457610/
A
11:28
Android Security & Malware
Massive-Scale Espionage: Hackers Reportedly Steal Records From Cell Phone Providers Worldwide
https://www.cybereason.com/blog/operation-soft-cell-a-worldwide-campaign-against-telecommunications-providers
A
14:16
Android Security & Malware
Using Apple iCloud and Google to track users in real time
https://www.dropbox.com/s/3mb9t4rpk2pklxk/2019_Real-time_evidence_ElcomSoft.pdf
27 June 2019
A
08:15
Android Security & Malware
Exclusive: German Police Raid OmniRAT Developer and Seize Digital Assets

Just like any other remote administration tool like DroidJack, DarkComet, AndroRAT, and njRAT, some customers of OmniRAT also used the tool for illicit purposes, especially because it was available at a far cheaper price than other RATs in the market.
https://thehackernews.com/2019/06/police-raid-omnirat-developer.html
A
12:48
Android Security & Malware
Remote Code Execution in Android emulator - BlueStacks.

Affected versions are lower than 4.90.0.1046
https://www.bleepingcomputer.com/news/security/bluestacks-flaw-lets-attackers-remotely-control-android-emulator/
28 June 2019
A
03:35
Android Security & Malware
T
The Bug Bounty Hunter 28.06.2019 02:58:10
A
05:08
Android Security & Malware
Compass app from Google Play requests €215 per month. Obviously a scam.
https://twitter.com/s_metanka/status/1144377792760619008?s=19
A
07:52
Android Security & Malware
Cerberus Android BOT

New Android botnet available for sale on underground forum.
29 June 2019
A
05:20
Android Security & Malware
Android horror game with over 50,000 installs was phishing for Google and Facebook credentials
https://www.wandera.com/mobile-security/scary-granny-game-stealing-data/
30 June 2019
A
08:06
Android Security & Malware
Go Cheats – Mod & Hack with 100,000+ installs.

App had fake user interface, ads and root tools.
This fake app is now removed from Google Play!
https://twitter.com/s_metanka/status/1145116266962804737?s=03
1 July 2019
A
04:55
Android Security & Malware
A
06:18
Android Security & Malware
You have to pay $1.99 for deleting your profile in a dating app.
New scam technique?

"Because of the huge workload, we will charge $1.99 as service fee."
https://www.reddit.com/r/assholedesign/comments/c7nqw5/i_got_a_dating_app_but_wanted_to_delete_my/
A
07:31
Android Security & Malware
I went to the Cirque du Soleil show TORUK, where they offer an app to be part of the show. The app would sync all the devices in the audience with effects.
The first thing that came to my mind was if I can hack them... The next day I found a bug where I could control the show.

The TORUK app left port 6161 open and accepted any request to perform commands at the show:
-change volume settings
-discover nearby Bluetooth devices
-display animations
-read or write to shared preferences
-set the position of the “Like” Facebook
https://androidappwatch.eset.com/latest-posts/a-great-show-is-now-history-as-is-its-insecure-mobile-app/
A
09:48
Android Security & Malware
A
14:29
Android Security & Malware
Malicious campaign that for years was using Facebook pages to spread malware across mobile and desktop environments targeting Libya 🇱🇾.
Threat actor used known open source Android RAT tools such as SpyNote.
https://research.checkpoint.com/operation-tripoli/
A
15:24
Android Security & Malware
Top Android malware threats of June, 2019

Full list - http://skptr.me/malware_timeline_2019.html
Download samples - https://github.com/sk3ptre/AndroidMalware_2019/blob/master/README.md
15:27
HiddenApp Adware with 50k+ installs found on Google Play
https://twitter.com/s_metanka/status/1145744992582995968?s=19
A
16:50
Android Security & Malware
Android Security Bulletin—July 2019

The most severe of these issues is a critical security vulnerability in Media framework that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process.
Stay updated, stay secure.
https://source.android.com/security/bulletin/2019-07-01.html#2019-07-01-details
A
19:06
Android Security & Malware
FridaLoader - One click tool to download and launch the latest version of the Frida x86 Server on a Genymotion emulator. #tool
https://github.com/dineshshetty/FridaLoader
2 July 2019
A
03:17
Android Security & Malware
New version of WannaLocker, the WannaCry copycat for mobile, which bundles spyware, remote-access-Trojan (RAT) malware, and banking Trojan malware in one nasty package.
https://blog.avast.com/wannalocker-targets-banks-in-brazil
A
04:22
Android Security & Malware
Did you know that an app developer on Google Play can change the app icon based on user localization?
https://twitter.com/LukasStefanko/status/1145952428887543810
A
14:02
Android Security & Malware
China Is Forcing Tourists to Install Text-Stealing Malware at its Border

The malware downloads a tourist’s text messages, calendar entries, and phone logs, as well as scans the device for over 70,000 different files.
https://www.vice.com/amp/en_us/article/7xgame/at-chinese-border-tourists-forced-to-install-a-text-stealing-piece-of-malware
APK: https://github.com/motherboardgithub/bxaq
A
14:27
Android Security & Malware
Vulnerabilities in smart home hub allow a hacker to open front door locks. #IoT
https://blackmarble.sh/zipato-smart-hub/
A
15:36
Android Security & Malware
Common Android App Vulnerabilities
A
18:13
Android Security & Malware
“Watering Hole” is a cyber attack strategy in which the victim is a particular group (organization, industry, or region).
In this attack, the attacker typically observes which websites or apps the group uses and infects one or more of them with malware.
https://blog.zimperium.com/the-mobile-watering-hole-how-a-sip-leads-to-a-trojan-compromise/
A
19:12
Android Security & Malware
HiddenApp adware found again on Google Play with 100k+ installs
https://twitter.com/s_metanka/status/1146113662169563137?s=19
3 July 2019
A
02:10
Android Security & Malware
A
16:51
Android Security & Malware
Analysis of a new wave of Android malware family - BianLian
https://www.fortinet.com/blog/threat-research/new-wave-bianlian-malware.html
A
17:36
Android Security & Malware
iOS emulator for Windows
https://github.com/ipasimulator/ipasim
4 July 2019
A
01:56
Android Security & Malware
June 2019 mobile malware review from Doctor Web

https://news.drweb.com/show/review/?lng=en&i=13335
A
02:24
Android Security & Malware
Did you know iPhones have a liquid detector in their Lightning connector, with instructions on what to do?
A
04:04
Android Security & Malware
iMessage: malformed message bricks iPhone.
Vulnerability was fixed in the 12.3 update.
https://bugs.chromium.org/p/project-zero/issues/detail?id=1826
A
04:51
Android Security & Malware
A
07:03
Android Security & Malware
Seven HiddenApp Trojans with 550k+ installs found on Google Play
https://twitter.com/virqdroid/status/1146718450393473024
07:09
Unpatched vulnerability in Firefox for Android

Opening an HTML or SVG attachment received via WhatsApp could allow remote attackers to steal files saved in your WhatsApp folder (other received files).
https://twitter.com/evaristegal0is/status/1146455296673538048
A
10:50
Android Security & Malware
4shared Android app triggers suspicious background activity generating fake clicks and subscriptions
https://www.upstreamsystems.com/secure-d-uncovers-4shared-android-app-triggers-suspicious-background-activity-generating-fake-clicks-subscriptions/
A
15:16
Android Security & Malware
Android app with 10M+ installs requests $34.99 subscription for Samsung firmware updates. Every user can have them for free!
Payment is not via Google Play, but the app simply asks for credit card info.
https://medium.com/csis-techblog/updates-for-samsung-from-a-blog-to-an-android-advertisement-revenue-goldmine-of-10-000-000-166585e34ad0
5 July 2019
A
05:26
Android Security & Malware
A
18:52
Android Security & Malware
MobileHunter Analysis using glorifiedgrep

This is a quick and short writeup about how the Python module glorifiedgrep can be used for fast analysis of android applications.
https://www.securisec.com/tools/python/mobile_hunter/
6 July 2019
A
00:28
Android Security & Malware
All-in-one Mobile Security Frameworks including Android and iOS Application Penetration Testing.

-static analysis
-reverse engineering
-dynamic analysis
-network tools
-bypass root & SSL pinning
-server side testing
https://hackersonlineclub.com/mobile-security-penetration-testing/
7 July 2019
A
12:58
Android Security & Malware
12:58
Coin Master game with 50M+ installs apparently tries to attract users back to the game with fake notifications.

https://www.reddit.com/r/assholedesign/comments/ca4g0o/this_app_gives_fake_notfications_saying_that_they/
A
15:45
Android Security & Malware
Exploiting Same Origin Policy (SOP) bypass in iOS 12.3.1 for Safari.
Exploit code is not released yet.
https://twitter.com/itszn13/status/1147591372867821568
A
18:57
Android Security & Malware
XPin Clip - bruteforce forensics solution for PIN, password and pattern lock.
Works for: iOS Passcode 7.x.x, 8.0-8.1 & Android 4.x, 5.x, 6.x with OTG.
https://twitter.com/PiratePartyINT/status/1147978049498935296?s=19
Details: https://xpinclip.com/
8 July 2019
A
02:15
Android Security & Malware
myMail – Android email client could launch any protected activity in MyMail app. #vulnerability
https://hackerone.com/reports/376618
A
06:03
Android Security & Malware
Fake copycat of popular app "ES File Explorer" found on Google Play with 10K+ installs

App is without any functionality and displays ads + requests 5 star rating.
Don't install it!
https://twitter.com/LukasStefanko/status/1148115343455469568
A
06:35
Android Security & Malware
Trojan that drops + makes user install fake adware app "Google Play" discovered on Google Play

Fullscreen ads are displayed once user unlocks device on behalf of "Google Play" app.
https://twitter.com/0xabc0/status/1148147733485821953
A
14:11
Android Security & Malware
A
16:38
Android Security & Malware
Over 1,000 Android apps harvest data even after you deny permissions.

Apps used workarounds that would take personal data from sources like Wi-Fi connections and metadata stored in photos.
Fix won’t come until Android Q.
https://www.cnet.com/news/more-than-1000-android-apps-harvest-your-data-even-after-you-deny-permissions/
PDF: www.ftc.gov/system/files/documents/public_events/1415032/privacycon2019_serge_egelman.pdf
9 July 2019
A
02:13
Android Security & Malware
iOS 13 beta 3, available only for developers, has already been exploited to get a root shell #JailBreak
Exploit code is not released.
https://twitter.com/iBSparkes/status/1147830471440633858
A
06:52
Android Security & Malware
Hackers exploit 7-Eleven mobile app's poorly designed password reset function to make unwanted charges on 900 customers' accounts.
https://www.zdnet.com/article/7-eleven-japanese-customers-lose-500000-due-to-mobile-app-flaw/
A
11:42
Android Security & Malware
Australian Federal Police admits to spying on journalists

The authorities used a 2015 amendment to espionage legislation that forces telecommunications companies to keep phone and Internet records, as well as other metadata, of users for up to two years.
https://www.theguardian.com/australia-news/2019/jun/04/federal-police-raid-home-of-news-corp-journalist-annika-smethurst
A
12:12
Android Security & Malware
Analysis of subscription scam iOS apps found on App Store.

These are apps that are free to download and then ask you to subscribe right on launch. https://ivrodriguez.com/investigating-some-subscription-scam-ios-apps/
A
16:32
Android Security & Malware
Four Ways The Bad Guys Attack Mobile Devices

▪️Network based attacks
▪️Device exploits
▪️Phishing attacks
▪️Malicious apps
https://blog.zimperium.com/not-fathers-endpoint-four-ways-bad-guys-attack-mobile-devices/
A
18:30
Android Security & Malware
QCSuper: open-source tool that enables you to passively capture raw 2G/3G/4G frames by rooted Qualcomm-based Android phone or dongle
https://labs.p1sec.com/2019/07/09/presenting-qcsuper-a-tool-for-capturing-your-2g-3g-4g-air-traffic-on-qualcomm-based-phones/
A
18:58
Android Security & Malware
iOS13 beta 2 notifies user when apps report excessive location tracking
https://www.reddit.com/r/ios/comments/cb4769/ios_13_public_beta_2_notifies_when_apps_report/
10 July 2019
A
07:12
Android Security & Malware
Towards Understanding Android System Vulnerabilities: Techniques and Insights
https://daoyuan14.github.io/slides/AsiaCCS19_slides_Daoyuan.pdf
A
09:56
Android Security & Malware
New FinFisher spy infects iOS (jailbreak) and Android devices.

FinFisher has been sold to governments all over the world. For iOS it doesn't use any exploit but manual installation is required.
Targets popular messaging apps.
https://securelist.com/new-finspy-ios-and-android-implants-revealed-itw/91685/
A
10:32
Android Security & Malware
New Android malware replaces legitimate apps with ad-infested doppelgangers.

The vast majority of victims are located in India (15.2 million), Bangladesh (2.5 million), and Pakistan (1.7 million).
The Agent Smith malware uses the Janus technique to inject malicious code inside a legitimate app, but without affecting its MD5 file hash.
https://www.zdnet.com/article/new-android-malware-replaces-legitimate-apps-with-ad-infested-doppelgangers/
A
12:46
Android Security & Malware
Android Debug Bridge commands 💻📲

ADB commands are executed from PC on a connected Android device
11 July 2019
A
06:08
Android Security & Malware
Analysis of Agent Smith: A New Species of Mobile Malware
https://research.checkpoint.com/agent-smith-a-new-species-of-mobile-malware/
A
08:08
Android Security & Malware
How to set up quick Android malware or bug bounty analysis lab

1.0) Install Android 8.1 Oreo in Virtual Machine: https://techsviewer.com/install-android-in-virtual-machine-vmware-and-virtualbox

1.1) Android 8.1 in qemu and Burp Suite SSL interception: https://astr0baby.wordpress.com/2019/07/09/android-8-1-in-qemu-and-burp-suite-ssl-interception/

2) Set up SSL PINNING IN 10 MINUTES WITH FRIDA: https://omespino.com/tutorial-universal-android-ssl-pinning-in-10-minutes-with-frida/

3) Download apps or malware to test: https://koodous.com/apks
A
11:25
Android Security & Malware
The first Bluetooth hair straighteners can be easily hacked #IoT

As there is no pairing or bonding established over BLE when connecting a phone, anyone in range with the app can take control of the straighteners.
https://www.pentestpartners.com/security-blog/burning-down-the-house-with-iot/
13 July 2019
A
05:53
Android Security & Malware
iOS URL Scheme Susceptible to Hijacking

Abuse of the URL Scheme can potentially result in the loss of privacy, bill fraud, exposure to pop-up ads, and more.
https://blog.trendmicro.com/trendlabs-security-intelligence/ios-url-scheme-susceptible-to-hijacking/
A
06:12
Android Security & Malware
Fake DeepNude Downloads Gives You Malware Instead of Nudes

A brief search on YouTube indicates that the campaign started a week ago. The latest video linking to a file in the description was uploaded on Wednesday and has almost 1,000 views; it links to an Android app.
https://www.bleepingcomputer.com/news/security/fake-deepnude-downloads-gives-you-malware-instead-of-nudes/
06:15
58 HiddenAds Trojans with over 8,200,000 installs found on Google Play
https://twitter.com/m0br3v/status/1149621258671099907?s=19
A
07:56
Android Security & Malware
Android backdoor found on Google Play in OpenGL Plugin app
https://news.drweb.com/show/?i=13349&lng=en
A
12:49
Android Security & Malware
How mobile black products benefit from plug-in technology - part II. #Chinese
https://blog.trustlook.com/hei-chan-li-qi-an-zhuo-duo-kai/
14 July 2019
A
05:35
Android Security & Malware
Awesome Cellular Hacking

List with the most up to date exploits, blogs, research, and papers in the 3G/4G/5G Cellular security space.
https://github.com/W00t3k/Awesome-Cellular-Hacking
A
17:13
Android Security & Malware
T
The Bug Bounty Hunter 14.07.2019 16:54:07
A
20:26
Android Security & Malware
Detailed analysis of a high quality bug in the JavaScript engine capable of bypassing all current iOS mitigations!
[PDF presentation] https://objectivebythesea.com/v2/talks/OBTS_v2_Todesco.pdf
15 July 2019
A
06:53
Android Security & Malware
The Art of iPhone Acquisition

-Break the passcode
-Logical acquisition
-Physical acquisition
-Cloud acquisition
https://blog.elcomsoft.com/2019/07/the-art-of-iphone-acquisition/
A
11:12
Android Security & Malware
Fake Antivirus app found on Google Play
https://twitter.com/virqdroid/status/1150757620703203329
A
15:52
Android Security & Malware
A
17:14
Android Security & Malware
16 July 2019
A
02:19
Android Security & Malware
Unofficial Telegram App Secretly Loads Infinite Malicious Sites

MobonoGram 2019 app was downloaded more than 100,000 times and performed adfraud clicks.
https://www.symantec.com/blogs/threat-intelligence/unofficial-telegram-app-malicious-sites
A
02:42
Android Security & Malware
Attackers Can Manipulate Your WhatsApp and Telegram Media Files

"Media File Jacking" flaw affects WhatsApp and Telegram for Android
https://www.symantec.com/blogs/expert-perspectives/symantec-mobile-threat-defense-attackers-can-manipulate-your-whatsapp-and-telegram-media
A
03:40
Android Security & Malware
Hacking into Tinder’s Premium Model

Vulnerability in Tinder API allows user to see photo of person that already liked you without premium model.
Tinder responded: We are aware and we choose to not take any action.
https://medium.com/@sansyrox/hacking-tinders-premium-model-43f9f699d44
A
06:03
Android Security & Malware
Android banking Trojan - Riltok - spreads in France 🇫🇷 through SMS as fake Leboncoin
https://twitter.com/benkow_/status/1151047351341072385
A
09:56
Android Security & Malware
10:00
HiddenAds Trojan found on Google Play in "beauty selfie" app with 10K+ installs
https://twitter.com/s_metanka/status/1151106094267273217
A
17:48
Android Security & Malware
Exploiting SSL Vulnerabilities in Mobile Apps

How an attacker can exploit a vulnerable app’s broken SSL implementation and intercept cleartext HTTPS traffic – without the victim having installed any CA Certificates or accepting any additional untrusted certificates.
https://www.allysonomalley.com/2019/07/15/exploiting-ssl-vulnerabilities-in-mobile-apps/
A
18:18
Android Security & Malware
Kali NetHunter App Store 

The New Android Store Dedicated to Free Security Apps based on F-Droid
https://www.offensive-security.com/kali-nethunter/kali-nethunter-app-store/
17 July 2019
A
02:45
Android Security & Malware
Google Banned Major Chinese App Developer CooTek From The Play Store And Its Ad Platforms

CooTek, based in Shanghai, had hundreds of Android apps in the Play store. More than 60 of its apps have been removed from the Play store, and CooTek is now completely banned from Google’s lucrative ad platforms.
CooTek is the second major Chinese app developer to receive a ban by Google this year.
https://www.buzzfeednews.com/article/craigsilverman/google-banned-cootek-adware
A
03:01
Android Security & Malware
Tencent implements realtime, automatic censorship of chat images on WeChat

How?
1) Based on what text is in an image (using OCR)
2) Based on an image’s visual similarity to those on a blacklist
3) Based on the hash of an image that exists in the database
https://citizenlab.ca/2019/07/cant-picture-this-2-an-analysis-of-wechats-realtime-image-filtering-in-chats/
A
04:08
Android Security & Malware
18 July 2019
A
04:27
Android Security & Malware
Dwarf – joining UI with automation - Frida and r2
http://www.giovanni-rocca.com/dwarf-joining-ui-with-automation-frida-and-r2/
A
10:09
Android Security & Malware
Android Malware Analysis : Dissecting Hydra Dropper

Includes GDB debugging of its native library
https://pentest.blog/android-malware-analysis-dissecting-hydra-dropper/
A
10:48
Android Security & Malware
Android Analysis: Solving Flaggy Bird mobile challenge (Google CTF 2019)
https://blog.nviso.be/2019/07/18/solving-flaggy-bird-google-ctf-2019/
A
11:11
Android Security & Malware
DEXCALIBUR: AUTOMATE YOUR ANDROID APP REVERSE

or hooking for dummies
https://2019.pass-the-salt.org/files/slides/02-Dexcalibur.pdf
A
12:47
Android Security & Malware
The first time when users can buy Samsung mobile with pre-installed spyware
19 July 2019
A
07:04
Android Security & Malware
QR code app requests €104,99 per year - subscription scam
https://twitter.com/jag_chandra/status/1152146311778635777?s=19
A
10:37
Android Security & Malware
FaceApp PRO apps from YouTube gets you in trouble

Two scams:
1) Fake websites (iOS & Android): deliver ads, surveys, subscription, PPI, unrelated browser notifications.

2) Fake apps: From YouTube videos with link to adware
In one case with 95,000+ link clicks
https://www.welivesecurity.com/2019/07/19/faceapp-spotlight-scams-emerge/
A
11:37
Android Security & Malware
20 July 2019
A
18:16
Android Security & Malware
Tinder is another app to bypass the Play Store to avoid Google’s 30 percent cut

TINDER WILL NOW TAKE YOUR PAYMENT INFO DIRECTLY, INSTEAD OF LETTING GOOGLE PROCESS THE TRANSACTION
https://www.theverge.com/2019/7/19/20701256/tinder-google-play-store-android-bypass-30-percent-cut-avoid-self-install
22 July 2019
A
08:17
Android Security & Malware
HiddenAd Trojan found on Google Play
Info: https://twitter.com/Maler360/status/1153260314902708225?s=19
A
13:37
Android Security & Malware
23 July 2019
A
10:50
Android Security & Malware
Looks like someone successfully created PoC for Android CVE-2019-2107 RCE

PoC: You can own the mobile by viewing a video with payload. Should work on Android 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.
https://github.com/marcinguy/CVE-2019-2107
24 July 2019
A
11:41
Android Security & Malware
Story wrap-up about PoC CVE-2019-2107 with the comments from PoC author and Google.

▪️ Google - vulnerability wasn't exploited in the wild yet
▪️ PoC author - exploit wouldn't work if the video will be shared on Facebook, YouTube, Instagram...because of encoding
https://thenextweb.com/security/2019/07/24/google-android-vulnerability-malicious-video/
A
14:34
Android Security & Malware
Monokle

The Mobile Surveillance Tooling of the Special Technology Center
https://www.lookout.com/documents/threat-reports/lookout-discovers-monokle-threat-report.pdf
25 July 2019
A
03:22
Android Security & Malware
In reply to this message
Monokle - Mobile Surveillance Tool

Highlights
▪️ on rooted devices can install own certificate to MitM TLS traffic
▪️ steals user defined words used for predictive text input
▪️ records the user unlocking device to get PIN
▪️ spread as Trojanized: Signal, ES explorer, Porn Hub...
▪️ via Xposed module can create hooks and hide presence in process list
▪️ via accessibility services can capture data from: Microsoft Word, Google Docs, Facebook messenger, Whatsapp, imo, Viber, Skype, WeChat, VK, Line, and Snapchat.
▪️ developed by Special Technology Center (STC) - a Russian defense contractor
▪️ there is also iOS version
▪️ can execute 33 commands on infected devices
26 July 2019
A
08:46
Android Security & Malware
jnitrace

A Frida module to trace usage of the JNI API in Android apps.
https://github.com/chame1eon/jnitrace
27 July 2019
A
09:11
Android Security & Malware
Mobile banking malware: With over 50% increase in attacks when compared to 2018 - via Check Point
https://www.checkpoint.com/press/2019/check-point-research-from-supply-chain-to-email-mobile-and-the-cloud-no-environment-is-immune-to-cyber-attacks/
A
09:45
Android Security & Malware
Android Pentesting/Bug Hunting 101

-set-up Burp
-bruteforce OTP
-ADB leaks
-IDOR vulnerability
-list of static & dynamic vulnerabilities you should always check
https://link.medium.com/Ohrs3M1eFY
28 July 2019
A
05:06
Android Security & Malware
Scareware Youtube ads "Your Phone has Virus ⚠️" techniques are misused to promote lousy Android antivirus app.

BTW, this app has 100K+ installs and has been available on Google Play only since Jul 5, 2019 without any reference or web site.
https://t.co/efC3Rh30NX
29 July 2019
A
05:58
Android Security & Malware
SQL Injection found in NextCloud Android App Content Provider
https://hackerone.com/reports/291764
06:00
Bypassing lock protection in Nextcloud Android app
https://hackerone.com/reports/490946
A
10:12
Android Security & Malware
Android Icon-hiding Adware found on Google Play

Seven apps with altogether over 700,000 installs.
https://twitter.com/s_metanka/status/1155824374177587201
A
12:13
Android Security & Malware
New Android Crypto Ransomware spreads via SMS to your contacts

-ransomware was distributed via XDA Developers forum and Reddit
-uses 42 predefined SMS texts to spread for particular languages
-encrypts files and adds .seven extension
-requests BTC
https://www.welivesecurity.com/2019/07/29/android-ransomware-back
A
18:09
Android Security & Malware
iMessage: memory corruption when decoding NSKnownKeysDictionary1
https://bugs.chromium.org/p/project-zero/issues/detail?id=1884
18:18
If Bluetooth is ON on your Apple device everyone nearby can sniff your mobile phone number. [Video demo included]
https://hexway.io/blog/apple-bleee/
PoCs: https://github.com/hexway/apple_bleee
30 July 2019
A
02:52
Android Security & Malware
Five bugs in iMessages

1) CVE-2019-8647 is a remote, interactionless use-after-free - https://bugs.chromium.org/p/project-zero/issues/detail?id=1873

2) CVE-2019-8662 - https://bugs.chromium.org/p/project-zero/issues/detail?id=1917

3) CVE-2019-8660 is remote, interactionless memory corruption - https://bugs.chromium.org/p/project-zero/issues/detail?id=1884

4) CVE-2019-8646 allows an attacker to read files off a remote device with no user interaction, as user mobile with no sandbox - https://bugs.chromium.org/p/project-zero/issues/detail?id=1858

5) Out-of-bounds read in DigitalTouch tap message processing - https://bugs.chromium.org/p/project-zero/issues/detail?id=1828
A
04:43
Android Security & Malware
In reply to this message
Such vulnerabilities, when sold on the black market, can bring a bug hunter well over $1 million, according to a price chart published by Zerodium.
https://www.zdnet.com/article/google-researchers-disclose-exploits-for-interactionless-ios-attacks/
A
09:43
Android Security & Malware
Mobile Threat Landscape Report 2019

A comprehensive review of mobile malware trend
A
10:31
Android Security & Malware
Update your Truecaller app

The bug led the Truecaller app to quietly send a text message to a bank to verify their account — which is part of the procedure to sign up to the payments service.
https://techcrunch.com/2019/07/30/truecaller-upi-payments-bug/
10:44
Mobile Security Review 2019

Google Play Protect had the worst malware scan results.

"Android includes built-in security features for malware detection, device loss or theft, and safe browsing for free. However, Play Protect does not yet provide effective protection." @AV_Comparatives
https://www.av-comparatives.org/tests/mobile-security-review-2019/
A
11:51
Android Security & Malware
Facebook & WhatsApp will send to their cloud all users messages in clear text before encryption. #privacy

"If the company’s new on-device content moderation succeeds it will usher in the end of consumer end-to-end encryption and create a framework for governments to outsource their mass surveillance directly to social media companies, completely bypassing encryption."
https://www.forbes.com/sites/kalevleetaru/2019/07/26/the-encryption-debate-is-over-dead-at-the-hands-of-facebook/
A
14:38
Android Security & Malware
Mobile forensics are analyzing the smartphone itself with possible access to cloud data. However, extending the search to the user’s desktop and laptop computers may (and possibly will) help accessing information stored both in the physical smartphone and in the cloud.
https://blog.elcomsoft.com/2019/07/extended-mobile-forensics-analyzing-desktop-computers/
31 July 2019
A
10:58
Android Security & Malware
HiddenAd Adware with 500,000 installs found on Google Play
https://twitter.com/ESETresearch/status/1156551255701020672?s=19
A
12:38
Android Security & Malware
AdFraud app found on Google Play had 1,000,000+ installs
https://twitter.com/ESETresearch/status/1156587825812271106?s=19
1 August 2019
A
06:49
Android Security & Malware
In reply to this message
Remotely Stole Files Through iMessage on iOS 12.3.1 (CVE-2019-8646 by natashenka)
https://youtu.be/ld2m0CPR1nM
A
07:31
Android Security & Malware
Review of harmful apps on Google Play in July 2019

All these apps and numbers are based on research, blogs, reports, and tweets published in July 2019 by the #infosec community.
A
12:00
Android Security & Malware
T
The Bug Bounty Hunter 01.08.2019 10:54:48
A
12:05
Android Security & Malware
America Phone Farmers

Ordinary Americans are using armies of phones to generate cash through ad fraud.
https://www.vice.com/en_us/article/d3naek/how-to-make-a-phone-farm
2 August 2019
A
02:16
Android Security & Malware
Tested 21 Android antivirus apps and found serious vulnerabilities

-3 IDOR vulnerabilities (leak address book, send fake alerts, remotely disabling AV protection)
-2 XSS
https://www.comparitech.com/antivirus/android-antivirus-vulnerabilities/
A
03:17
Android Security & Malware
Top Android malware threats - Month of July, 2019

Full list: http://skptr.me/malware_timeline_2019.html
Download samples: https://github.com/sk3ptre/AndroidMalware_2019
A
04:05
Android Security & Malware
Fake Antivirus with 100K+ installs found on Google Play
https://twitter.com/tom_sara05/status/1157176010585997312?s=19
A
05:32
Android Security & Malware
Subscription scam on Google Play with 1,000,000+ downloads exploits 3-day trial, then robs you of €54.99 per week
https://twitter.com/ESETresearch/status/1157206903602028544
3 August 2019
A
05:32
Android Security & Malware
Three adware apps with 30,000+ installs altogether.

- in app manager they change name to Google Play Store
- hide their own icon
- display full-screen ads every 15 minutes, but only starting 24 hours after installation
https://labs.bitdefender.com/2019/07/adware-packed-fake-apps-still-making-their-way-to-google-play/
05:42
HiddenAd adware discovered on Google Play was one of the top 10 new apps in the store in July!
Reached 1M+ downloads. Reported.
https://t.co/iY3z60gicp
A
08:04
Android Security & Malware
Record for HiddenAd Adware found on Google Play.
It reached 5,000,000+ installs.

-after launch it can hide its own icon
-after unlocking the device it displays a fullscreen ad
-reported
https://twitter.com/ReBensk/status/1157267868993515521?s=19
A
10:25
Android Security & Malware
Found new ways to hack WPA3 protected wifi passwords
https://wpa3.mathyvanhoef.com/
4 August 2019
A
08:19
Android Security & Malware
HiddenAd trojan discovered on Google Play with 100,000 installs.
Once installed, it executes itself without user interaction and displays ads.
https://t.co/DOVPmX50Bs
6 August 2019
A
06:28
Android Security & Malware
Android Kernel can be compromised over-the-air

CVE-2019-10538 - allows attackers to compromise the WLAN and the chip's modem over-the-air.
CVE-2019-10540 - an attacker can exploit it to compromise the Android Kernel from the WLAN component.
https://blade.tencent.com/en/advisories/qualpwn/
A
06:48
Android Security & Malware
Within 1 kilometer - surveillance van - can spy on WhatsApp messages, Facebook chats, texts, calls, contacts...
https://www.forbes.com/sites/thomasbrewster/2019/08/05/a-multimillionaire-surveillance-dealer-steps-out-of-the-shadows-and-his-9-million-whatsapp-hacking-van/
A
07:49
Android Security & Malware
Doctor Web’s overview of virus activity on mobile devices in July 2019
https://news.drweb.com/show/review/?lng=en&i=13374
A
11:27
Android Security & Malware
Need to reverse engineer an iOS app?
Works on iOS11 & 12
https://twitter.com/ddouhine/status/1158700402419937280?s=19
A
12:58
Android Security & Malware
A
13:58
Android Security & Malware
Pwning the Galaxy S8

Bug 0: Pwning and Examining the browser’s renderer process
Bug 1: Incomplete fix for CVE-2016-5197
Bug 2: The Email loves EML with a … XSS
Bug 3: … And file:/// crossdomain
Bug 4: Pwn a process with INSTALL_PACKAGES privilege
Bug 5: Push SDK pushes vulnerability
https://blog.flanker017.me/galaxy-leapfrogging-pwning-the-galaxy-s8/
7 August 2019
A
02:19
Android Security & Malware
Facebook sues two developers from Google Play for click injection fraud

Developers: LIONMOBI and Jedimobi
Altogether 7 apps on Google Play
Altogether 217,000,000+ installs of these apps

Click injection fraud: The malware created fake user clicks on Facebook ads that appeared on the users’ phones, giving the impression that the users had clicked on the ads.
https://newsroom.fb.com/news/2019/08/enforcing-against-click-injection-fraud/
A
03:02
Android Security & Malware
A
07:35
Android Security & Malware
Captcha trick

Once Allowed, browser starts to push ad/scam notifications from this website.
A
14:03
Android Security & Malware
Contractors working for Microsoft are listening to personal conversations of Skype users conducted through the mobile app's translation service
https://www.vice.com/amp/en_us/article/xweqbq/microsoft-contractors-listen-to-skype-calls
A
14:34
Android Security & Malware
Android spyware masquerading as a security application performed spy activities - tracking device location and eavesdropping on call conversations. It was distributed via Google Play.
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/moqhao-related-android-spyware-targeting-japan-and-korea-found-on-google-play/
A
16:26
Android Security & Malware
Security analysis of counterfeit iPhone 6 and Samsung S10

-cost 1/10th of original
-both run vulnerable Android OS (4.4, 5.1)
-vulnerable kernels
-collect user info
-S10 contained RAT

I wouldn't use financial or social media apps on fake phones
https://blog.trailofbits.com/2019/08/07/from-the-depths-of-counterfeit-smartphones/
8 August 2019
A
02:26
Android Security & Malware
HiddenAd with 10,000+ installs found on Google Play
-hides app icon
-displays ads
https://twitter.com/Maler360/status/1159308968579100672?s=19
A
03:28
Android Security & Malware
Investigation of remote vulnerabilities on the iPhone via SMS, MMS, VVM, Email and iMessage
https://googleprojectzero.blogspot.com/2019/08/the-fully-remote-attack-surface-of.html
A
04:21
Android Security & Malware
Over 2,000 scam apps discovered on App Store #iOS

-scan fingerprint to make in-app purchase
-some of them are still on App Store
-2 apps made around $400k in June alone
-list of 517 apps
https://appsexposed.home.blog/2019/08/02/app-store-a-safe-haven-for-scammers-500-apps-exposed/
A
12:53
Android Security & Malware
A
14:35
Android Security & Malware
Fake Android security solutions found on Google Play

Discovered 8 fake AV apps with 1,236,000+ installs
https://labs.k7computing.com/?p=17228
A
16:07
Android Security & Malware
In the official Android app of BlackHat an attacker can:
- Open a random url in the app browser
- Pre dial a number
- Create an email
- Open Chrome to download a file https://t.co/mZ4UsuilPm
9 August 2019
A
02:49
Android Security & Malware
Reversing Android pre-installed apps

Convince 1 company to include your app rather than thousands of users
https://github.com/maddiestone/ConPresentations/blob/master/Blackhat2019.SecuringTheSystem.pdf
A
06:11
Android Security & Malware
Vulnerabilities in 5G

1) A protocol vulnerability in 4G and 5G specification that allows the fake base station to steal information about the device and mount identification attacks
2) Implementation vulnerability in cellular network operator equipment that can be exploited during a device registration phase
3) A protocol vulnerability that affects the battery life of low-powered devices
https://infosec.sintef.no/en/informasjonssikkerhet/2019/08/new-vulnerabilities-in-5g-security-architecture-countermeasures/
A
08:29
Android Security & Malware
A
14:47
Android Security & Malware
Clicker Trojan Installed from Google Play by 102,000,000 Android Users #AdFraud
https://news.drweb.com/show/?i=13382&lng=en
10 August 2019
A
03:43
Android Security & Malware
Audio Recorder - Voice Recorder app with 1,000,000+ installs is a subscription scam. After 3 days it requests a payment of $199,99 per week.
https://twitter.com/WvuAlphaSoldier/status/1159712723518873601?s=19
A
17:12
Android Security & Malware
Malicious iPhone lightning cable
Looks like normal cable but it will give an attacker a way to remotely tap into your computer.
https://www.vice.com/amp/en_us/article/evj4qw/these-iphone-lightning-cables-will-hack-your-computer

O.MG cable: http://mg.lol/blog/omg-cable/
A
17:33
Android Security & Malware
Robocall blocking apps send your private data without permission, including TrapCall, Truecaller and Hiya apps
https://techcrunch.com/2019/08/09/many-robocall-blocking-apps-send-your-private-data-without-permission/
A
19:08
Android Security & Malware
11 August 2019
A
16:01
Android Security & Malware
Be careful when using shared devices

In-room tablets, phones in hotels, ordering tables in restaurants....

On some of them you can install TeamViewer to monitor all the activity.
https://twitter.com/JulienEhrhart/status/1160533140047351808?s=19
A
18:04
Android Security & Malware
Canon DSLR Camera can get infected with Ransomware over the air
https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/
12 August 2019
A
17:47
Android Security & Malware
The Remote, Interaction-less Attack Surface of the iPhone

Slides from BlackHat about RCEs in iPhone
http://i.blackhat.com/USA-19/Wednesday/us-19-Silvanovich-Look-No-Hands-The-Remote-Interactionless-Attack-Surface-Of-The-iPhone.pdf
13 August 2019
A
06:28
Android Security & Malware
A
09:36
Android Security & Malware
14 August 2019
A
02:33
Android Security & Malware
A
12:07
Android Security & Malware
T
The Bug Bounty Hunter 14.08.2019 11:57:33
Bypass of biometrics security functionality is possible in Android application (com.shopify.mobile)
https://hackerone.com/reports/637194
16 August 2019
A
10:33
Android Security & Malware
Cerberus - new Android Banking Trojan is active

-spreads via fake website as Adobe Flash Player
-video demo of its installation and stealing credentials from PayPal
https://twitter.com/ESETresearch/status/1162315627052306432
A
15:09
Android Security & Malware
Google Play now reviews all apps for at least three days for security reasons

✅ less harmful apps on Play Store
❌ security app updates could be delayed by 3 days
https://t.co/9gAnukJNFW
19 August 2019
A
08:55
Android Security & Malware
Bypassing Certificate Pinning by repackaging Android app
https://blog.approov.io/bypassing-certificate-pinning
A
09:18
Android Security & Malware
Threat evolution Q2 2019 by Kaspersky

Top 10 mobile malware in Q2 2019:
1. DangerousObject.Multi.Generic
2. Trojan.AndroidOS.Boogr.gsh
3. DangerousObject.AndroidOS.GenericML
4. Trojan.AndroidOS.Hiddapp.cr
5. Trojan.AndroidOS.Hiddapp.ch
6. Trojan.AndroidOS.Hiddapp.cf
7. Trojan.AndroidOS.Hiddad.em
8. Trojan-Dropper.AndroidOS.Lezok.p
9. Trojan-Dropper.AndroidOS.Hqwar.bb
10. Trojan-Banker.AndroidOS.Asacub.a
https://securelist.com/it-threat-evolution-q2-2019-statistics/92053/
A
14:26
Android Security & Malware
Apple accidentally unpatched a vulnerability it had already fixed, making current versions of iOS vulnerable to hackers.

Vulnerability was fixed in iOS 12.3 but Apple "unfixed" it in iOS 12.4
https://www.vice.com/amp/en_us/article/qvgp77/hacker-releases-first-public-iphone-jailbreak-in-years
20 August 2019
A
03:03
Android Security & Malware
Subscription Scam with 1,000,000+ installs. After start requests 5 star rating and €99,99 per year subscription. https://www.reddit.com/r/PlayStoreTrash/comments/csfp48/chinese_adware_how_does_it_work/
03:03
A
08:19
Android Security & Malware
27 apps found on Google Play that prompt to install fake Google Play Store (Adware).
These apps reached over 6,000 installs.
https://blogs.quickheal.com/alert-27-apps-found-google-play-store-prompt-install-fake-google-play-store/
21 August 2019
A
02:48
Android Security & Malware
T
The Bug Bounty Hunter 20.08.2019 17:29:18
Facebook Bug Bounty: Reading WhatsApp contacts list without unlocking the device
https://medium.com/@ar_arvind/facebook-bug-bounty-reading-whatsapp-contacts-list-without-unlocking-the-device-a40e9c660a42
22 August 2019
A
03:57
Android Security & Malware
Introducing new #Android #malware analysis platform!
Upload APK, detect malware and grab its configuration.
Currently open for trusted researchers only.
https://www.apkdetect.com/
A
07:52
Android Security & Malware
A
08:15
Android Security & Malware
First known spyware that is built on the AhMyth open-source espionage tool and has appeared on Google Play – twice
https://www.welivesecurity.com/2019/08/22/first-spyware-android-ahmyth-google-play/
A
19:23
Android Security & Malware
One Bug To Rule Them All: Modern Android Password Managers and FLAG_SECURE Misuse
https://blog.doyensec.com/2019/08/22/modern-password-managers-flag-secure.html
19:26
Debug third party apps on iOS 12 https://link.medium.com/wwQXXpY4mZ
23 August 2019
A
10:00
Android Security & Malware
CVE-2019-8646 is a vulnerability in iMessage that can allow memory to be leaked and files to be read remotely from a device.
Demo: https://youtu.be/br2xCvtVFn4
Research: https://googleprojectzero.blogspot.com/2019/08/the-many-possibilities-of-cve-2019-8646.html
A
17:46
Android Security & Malware
Telegram bug discloses phone numbers of any users in public groups.
Not fixed yet.
Allegedly exploited by government sponsored attack against Hong Kong protesters.
https://docs.google.com/document/d/e/2PACX-1vRx2wO2kj0axlQtv2CDSjPGlRKJOHtucvpOKGFKybh2eVVGZqvt_JJv-2Q11NHn5Y4um_F4-bgA6q5v/pub
24 August 2019
A
16:20
Android Security & Malware
T
The Bug Bounty Hunter 24.08.2019 12:19:38
[iOS Application Security] Jailbreak 12.4 and SSL pinning bypass | How to set up your iOS Testing Lab
https://medium.com/@yogendra_h1/ios-application-security-jailbreak-12-4-5e3fc0dc0726
26 August 2019
A
07:02
Android Security & Malware
Riltok - Android banking Trojan spreads in France 🇫🇷 via SMS
https://twitter.com/benkow_/status/1165905380402171905?s=19
A
07:50
Android Security & Malware
T
The Bug Bounty Hunter 26.08.2019 05:54:24
Hail Frida!! The Universal SSL pinning bypass for Android applications
https://medium.com/@ved_wayal/hail-frida-the-universal-ssl-pinning-bypass-for-android-e9e1d733d29
27 August 2019
A
03:22
Android Security & Malware
A
04:54
Android Security & Malware
Bypass passcode protection in NextCloud Android app
https://hackerone.com/reports/631206
A
05:17
Android Security & Malware
05:28
Code injection in iMessages running iOS 13 b8 #RCE
https://youtu.be/yudFtywhETQ
A
08:42
Android Security & Malware
Tests of some of Android Antiviruses (Banking, Trojans, Spyware, PUAs, SMS)
https://www.mrg-effitas.com/wp-content/uploads/2019/08/Android360_2019q2_7.pdf
A
11:12
Android Security & Malware
Trojan found in CamScanner – Phone PDF creator app with 100,000,000+ installs on Google Play

This Trojan downloads malicious payload from developer's server.
https://securelist.com/dropper-in-google-play/92496/
A
17:31
Android Security & Malware
Two fake phishing apps found on Google Play. Both of them request user's credit card details. Target Brazilian 🇧🇷 users.
Pernambucanas - Cupons - 100+ installs
Midway Acesso (impersonates Riachuelo) - 5+ installs

https://twitter.com/silvaaa_anne/status/1166435030182313985?s=19
https://twitter.com/silvaaa_anne/status/1166407382840168449?s=19
28 August 2019
A
09:03
Android Security & Malware
Six new HiddenAd Trojans found on Google Play with 280,000+ downloads. If you have them installed, remove them. https://t.co/fB1CCttfIZ
09:10
Fake VPN app found on Google Play can download and install additional apps.
https://twitter.com/m0br3v/status/1166680295023812609?s=19
29 August 2019
A
08:36
Android Security & Malware
Two adware apps found on Google Play with over 1.5 million installs.
https://www.symantec.com/blogs/threat-intelligence/stealthy-ad-clicking-apps-google-play
30 August 2019
A
04:05
Android Security & Malware
T
The Bug Bounty Hunter 30.08.2019 03:18:55
Google adds all Android apps with +100m installs to its bug bounty program
https://www.zdnet.com/article/google-adds-all-android-apps-with-100m-installs-to-its-bug-bounty-program/
A
04:25
Android Security & Malware
Russian police take down malware gang that infected 800,000+ Android smartphones
They rented Hqwar, Asacub (Honli), Cron, CatsElite (MarsElite), Lokibot and modernized Marcher (Rahunok). 
https://www.zdnet.com/article/russian-police-take-down-malware-gang-that-infected-800000-android-smartphones/
04:32
Brazilian Android RAT distributed by over 20 apps via Google Play mostly as WhatsApp update exploiting WhatsApp's CVE-2019-3568.
One of the apps had 10,000+ installs.
https://securelist.com/spying-android-rat-from-brazil-brata/92775/
A
07:03
Android Security & Malware
A very deep dive into iOS Exploit chains found in the wild
Waterhole attacks - get your iPhone hacked only by visiting hacked website.
https://googleprojectzero.blogspot.com/2019/08/a-very-deep-dive-into-ios-exploit.html
A
11:57
Android Security & Malware
How to Extract and Decrypt Signal Conversation History from the iPhone
https://blog.elcomsoft.com/2019/08/how-to-extract-and-decrypt-signal-conversation-history-from-the-iphone/
A
12:42
Android Security & Malware
ARES ADB IOT Botnet Targeting Android Devices especially STBs/ TVs
https://www.wootcloud.com/blogs/ars_botnet.html
A
18:49
Android Security & Malware
Facebook Android app scans system libraries from their user’s phone in the background and uploads them to their server...without user's permission
https://twitter.com/wongmjane/status/1167463054709334017?s=19
31 August 2019
A
08:31
Android Security & Malware
Analysis and Reproduction of iOS/OSX Vulnerability: CVE-2019-7286

▪️CVE-2019-7286 was exploited in the wild
▪️The vulnerability seems to be of critical severity
▪️Vulnerability reproduced (includes POC code)
▪️The vulnerability could be used to escalate privileges to root as part of a chain for jailbreak on iOS 12.1.3.
https://blog.zecops.com/vulnerabilities/analysis-and-reproduction-of-cve-2019-7286/
A
09:02
Android Security & Malware
Global Rankings in Updating Smartphone Software and Security (besides Pixel)

1) Nokia
2) Samsung
3) Xiaomi
4) Huawei
5) Lenovo
https://www.counterpointresearch.com/nokia-leads-global-rankings-updating-smartphone-software-security/
1 September 2019
A
05:17
Android Security & Malware
Roaming Mantis(MoqHao/XLoader): spreads via SMShing

Distribution:
Infected Android device sends an SMS with a bit.ly link that links to a Tumblr blog that redirects to a malicious landing page.
https://hitcon.org/2019/CMT/slide-files/d2_s1_r1.pdf
2 September 2019
A
06:28
Android Security & Malware
Review of harmful apps found on Google Play in August 2019

Summary: 204 apps with over 438,400,00 installs.
https://lukasstefanko.com/2019/09/android-security-monthly-recap-8.html
A
17:27
Android Security & Malware
Top Android malware threats in August, 2019
Full list http://skptr.me/malware_timeline_2019.html
Download samples https://github.com/sk3ptre/AndroidMalware_2019
3 September 2019
A
09:27
Android Security & Malware
Fake cryptocurrency exchange app found on Google Play that bypasses SMS 2FA by stealing SMS notifications.
Targets users of 6 different cryptocurrency exchanges. https://twitter.com/ESETresearch/status/1168850608872460288
A
10:23
Android Security & Malware
Price For Mobile Exploits

For the first time Zerodium pays more for Android than iOS.
https://zerodium.com/program.html#changelog
A
16:58
Android Security & Malware
Heap Exploit Development – Case study from an in-the-wild iOS 0-day
https://azeria-labs.com/heap-exploit-development-part-1/
A
17:50
Android Security & Malware
Weekly tests of APK files uploaded on Virus Total based on Antivirus engines

Results:
1. K7GW
2. ESET-NOD32
3. Trustlook
4. Avira
5. AhnLab-V3
https://blog.trustlook.com/virustotal-apk-malware-detection-data-20190826-20190901/
4 September 2019
A
03:30
Android Security & Malware
HiddenAd adware with 50,000+ installs found on Google Play
https://twitter.com/ReBensk/status/1169127907958112256
A
07:41
Android Security & Malware
Android banking Trojan - Hydra - found on Google Play with 10,000+ installs
https://twitter.com/0xabc0/status/1169186569615532032
A
09:04
Android Security & Malware
Android Spy that signs you up for SMS premium subscription (€6,71 per week) found in 24 apps on Google Play with 472,000+ installs

-campaign started in June 2019
-targets 37 countries
-can steal victim SMS, contact list + perform AdFraud
https://medium.com/csis-techblog/analysis-of-joker-a-spy-premium-subscription-bot-on-googleplay-9ad24f044451
A
11:40
Android Security & Malware
Advanced SMS Phishing Attacks Against Modern Android-based Smartphones
https://research.checkpoint.com/advanced-sms-phishing-attacks-against-modern-android-based-smartphones/
5 September 2019
A
04:43
Android Security & Malware
FunkyBot: Android Malware Family Targeting Japan

New variant of FakeSpy/Roaming Mantis/MoqHao/XLoader
https://www.fortinet.com/blog/threat-research/funkybot-malware-targets-japan.html
A
10:01
Android Security & Malware
Hack iOS or Computer via USB cable

Cable controlled remotely from Wifi.
Capable of:
-screen recording on SD card
-screen live stream via Wifi
-used as remote mouse + keyboard
http://blog.lambdaconcept.com/doku.php?id=research:graywire
A
10:55
Android Security & Malware
0-day Privilege Escalation Vulnerability in Android

Not patched. No exploit available.
Can be exploited by a malicious app that could gain root privileges on infected device.
https://www.zerodayinitiative.com/advisories/ZDI-19-780/
6 September 2019
A
04:56
Android Security & Malware
Stalkerware app with 10,000+ installs found on Google Play
https://twitter.com/ReBensk/status/1169842841532526593
A
08:10
Android Security & Malware
Indian 🇮🇳 face recognition app was leaking: suspect & submitted photo, OTP codes, police officers using app, admin password.

After report they: restricted db access, removed app from Google Play, removed their Twitter account and Firebase db. BTW this company works for Indian government.
https://twitter.com/olihough86/status/1169641409592381440
08:15
Heap Overflows and the iOS Kernel Heap - Case Study from an in-the-wild iOS 0-Day. #Part2

Learn how the exploit developer used a clever vulnerability-conversion to turn a heap-overflow into an artificial Use-After-Free.
https://azeria-labs.com/heap-overflows-and-the-ios-kernel-heap/
9 September 2019
A
08:26
Android Security & Malware
Doctor Web’s overview of malware detected on mobile devices in August 2019
https://news.drweb.com/show/review/?lng=en&i=13397
A
15:47
Android Security & Malware
Bug in Telegram that didn't remove not sent videos and pictures from device
https://www.inputzero.io/2019/09/telegram-privacy-fails-again.html
A
17:07
Android Security & Malware
Weekly tests (week 36) of APK files uploaded on Virus Total based on Antivirus engines

Results:
1. K7GW
2. ESET-NOD32
3. Trustlook
4. AhnLab-V3
5. Fortinet
https://blog.trustlook.com/virustotal-apk-malware-detection-data-week-36-20190826-20190901/
A
18:03
Android Security & Malware
12 September 2019
A
05:24
Android Security & Malware
A
05:55
Android Security & Malware
A newly disclosed Instagram security issue, confirmed by Facebook, exposed user account details and phone numbers
https://www.forbes.com/sites/zakdoffman/2019/09/12/new-instagram-hack-exclusive-facebook-confirms-user-accounts-and-phone-numbers-at-risk/
A
07:57
Android Security & Malware
A
09:53
Android Security & Malware
Frida scripts for reversing and debugging Android and iOS (dexdump, app/service hook)
https://github.com/4ch12dy/xia0FridaScript/tree/master/Android/sample
13 September 2019
A
06:43
Android Security & Malware
Trojan Dropper found on Google Play with 10,000+ installs
https://twitter.com/ReBensk/status/1172120835001208833
06:52
Project Zero Tools to test iPhone messaging

SmsSimulator: an SMS simulator for iPhone
iMessage: tools for sending and dumping iMessage messages
imapiness: a fuzzer for IMAP clients
https://github.com/googleprojectzero/iOS-messaging-tools
14 September 2019
A
18:15
Android Security & Malware
T
The Bug Bounty Hunter 14.09.2019 17:20:06
How two dead accounts allowed REMOTE CRASH of any Instagram android user
https://www.valbrux.it/blog/2019/09/13/how-two-dead-users-allowed-remote-crash-of-any-instagram-android-user/
15 September 2019
A
05:14
Android Security & Malware
Reversing HackEx Android Game for fun & profit - static, dynamic and network analysis
https://0x00sec.org/t/reversing-hackex-an-android-game/16243
A
19:06
Android Security & Malware
How to bypass Android certificate pinning and intercept SSL traffic
https://vavkamil.cz/2019/09/15/how-to-bypass-android-certificate-pinning-and-intercept-ssl-traffic/
16 September 2019
A
02:20
Android Security & Malware
Threat actor recycles leaked source code of Android RAT SpyNote and sells it as new Android RAT MobiHok v4.
Threat actor sells it with entire source code for $15,000!
https://blog.sensecy.com/2019/09/15/arabic-speaking-threat-actor-recycles-the-source-code-of-popular-rat-spynote-and-sells-it-in-the-dark-web-as-new/
02:33
ES File Explorer - Authentication bypass via insecure FTP Activity execution

3rd party app can bypass master password to start local FTP server. Because of that, attacker on local network could access files on device without authentication.
https://medium.com/@bhaveshthakur2015/cve-2019-11380-how-i-was-able-to-access-complete-storage-of-es-fileexplorer-end-user-9bd8da5ac3b8
A
07:18
Android Security & Malware
Bypass iOS 13 Lockscreen to see contacts info
https://youtu.be/pW0TTnBCA04
A
08:06
Android Security & Malware
Simplify reverse-engineering ARM firmware in Ghidra

SVD-Loader for Ghidra automates the entire generation of peripheral structs and memory maps for over 650 different microcontrollers
https://leveldown.de/blog/svd-loader/
A
09:07
Android Security & Malware
Now available SQLite vulnerabilities affecting iOS 12.3/macOS Mojave 10.14.5

CVE-2019-8598: https://cpr-zero.checkpoint.com/vulns/cprid-2118/
CVE-2019-8577: https://cpr-zero.checkpoint.com/vulns/cprid-2119/
CVE-2019-8600: https://cpr-zero.checkpoint.com/vulns/cprid-2120/
CVE-2019-8602: https://cpr-zero.checkpoint.com/vulns/cprid-2121/
A
09:41
Android Security & Malware
WhatsApp 'Delete for Everyone' Doesn't Delete Media Files Sent to iPhone Users
https://thehackernews.com/2019/09/whatsapp-delete-for-everyone-privacy.html
A
18:07
Android Security & Malware
Phishing site impersonating SecureDrop - site meant for whistleblower submissions - distributed Android RAT malware
https://www.bleepingcomputer.com/news/security/phishing-attack-targets-the-guardians-whistleblowing-site/
18 September 2019
A
14:24
Android Security & Malware
Documents reveal how Russia taps phone companies for surveillance
https://techcrunch.com/2019/09/18/russia-sorm-nokia-surveillance/
A
18:26
Android Security & Malware
20 September 2019
A
13:41
Android Security & Malware
Two hidden ads Trojans found on Google Play with 1,500,000+ installs
https://www.wandera.com/mobile-security/google-play-adware/
A
17:28
Android Security & Malware
T
The Bug Bounty Hunter 20.09.2019 17:08:00
21 September 2019
A
12:12
Android Security & Malware
22 September 2019
A
03:36
Android Security & Malware
A
17:20
Android Security & Malware
Andromeda - Interactive Reverse Engineering Tool for Android apps
https://github.com/secrary/Andromeda
A
18:40
Android Security & Malware
How Edward Snowden Would Use A Smartphone
-Graphene OS
-all traffic through TOR
-use ad-blocker and password manager
-use Signal or Wire
-...
https://www.eva.nmccann.net/blog/snowden-smartphone
23 September 2019
A
13:24
Android Security & Malware
A
14:33
Android Security & Malware
25 hidden adware found on Google Play with over 2,100,000 installs
https://www.symantec.com/blogs/threat-intelligence/hidden-adware-google-play
24 September 2019
A
08:27
Android Security & Malware
25 September 2019
A
05:28
Android Security & Malware
Android Spying Trojan impersonates Korean National Police Agency app that spreads via fake websites that mimic Google Play
https://twitter.com/ninoseki/status/1176732200873578496
A
09:08
Android Security & Malware
29 Hidden Ads trojans with 10,900,000+ installs found on Google Play
https://blogs.quickheal.com/quick-heal-reports-29-malicious-apps-10-million-downloads-google-play-store/
A
15:46
Android Security & Malware
Subscription Scam apps found on Google Play

▪️15 apps with 20,000,000+ installs
▪️some of the apps request €219.99 payment after 3-day trial
http://news.sophos.com/en-us/2019/09/25/fleeceware-apps-overcharge-users-for-basic-app-functionality/
26 September 2019
A
04:01
Android Security & Malware
Two adware apps with 600,000+ installs found on Google Play

These apps were updated in 2016. This means that they have contained adware code for over 3 years.
https://twitter.com/ReBensk/status/1176728626290552832
A
04:21
Android Security & Malware
Fake Google Play website

Malicious app impersonates Brazil 🇧🇷 Santander banking app
A
18:53
Android Security & Malware
Google quietly removed at least 46 apps from the Play store belonging to iHandy, a major Chinese mobile developer.
Neither Google nor the developer explains why.
https://www.buzzfeednews.com/article/craigsilverman/sweet-camera-play-store-removed-ihandy
27 September 2019
A
05:12
Android Security & Malware
Fake Antivirus app found on Google Play with 10,000+ installs

It's based on whitelisting/blacklisting package names or activities. Doesn't receive any updates.
https://twitter.com/ReBensk/status/1177487851895676928
A
07:49
Android Security & Malware
Fake apps spread on iOS App Store and Google Play

IoC:
11 apps on iOS App Store
15 apps on Google Play
https://blog.trendmicro.com/trendlabs-security-intelligence/gambling-apps-sneak-top-100-hundreds-fake-apps-spread-app-store-google-play/
A
09:58
Android Security & Malware
EPIC JAILBREAK: Permanent unpatchable bootrom exploit for hundreds of millions of iOS devices.

Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip). via @axi0mX
https://github.com/axi0mX/ipwndfu/blob/master/README.md
28 September 2019
A
19:02
Android Security & Malware
How to dump and debug the bootrom (SecureROM) on demoted devices with Apple’s official tools. #iOS

1/ connect the cable using the correct lighting orientation and launch astris
https://twitter.com/1nsane_dev/status/1177856941139337216?s=19
29 September 2019
A
08:28
Android Security & Malware
Data breach of 218 million users affected all Android and iOS game players who signed up for the Words With Friends game

Leaked:
▪️Names
▪️Email addresses
▪️Login IDs
▪️Hashed passwords, SHA1 with salt
▪️Password reset token (if ever requested)
▪️Phone numbers (if provided)
▪️Facebook ID (if connected)
▪️Zynga account ID
https://thehackernews.com/2019/09/zynga-game-hacking.html
A
09:03
Android Security & Malware
A
18:35
Android Security & Malware
30 September 2019
A
02:12
Android Security & Malware
Jailbreaking iPhone X iOS 13.1.1 in 2 seconds with checkm8
https://twitter.com/axi0mX/status/1178299323328499712
A
02:40
Android Security & Malware
Infographic: 10 mobile security misconceptions
https://www.wandera.com/mobile-security/mobile-security-misconceptions/
A
11:41
Android Security & Malware
Seven HiddenApp Trojans found on Google Play with 310,000+ installs
https://twitter.com/0xabc0/status/1178606985404653568?s=19
A
16:48
Android Security & Malware
Android Application Security - OWASP MSTG Uncrackable level 1 writeup
https://blog.0daylabs.com/2019/09/18/deep-dive-into-Android-security/
1 October 2019
A
02:20
Android Security & Malware
A
05:19
Android Security & Malware
Starbucks China Android app cloud storage service leaks a credential
https://hackerone.com/reports/440629
A
05:37
Android Security & Malware
MOBEXLER - A Mobile Application Penetration Testing Platform
https://enciphers.github.io/Mobexler/
A
07:29
Android Security & Malware
Review of harmful apps found on Google Play in September 2019: 172 apps with 335,952,400+ installs
https://lukasstefanko.com/2019/10/android-security-monthly-recap-9.html
A
08:59
Android Security & Malware
Huawei’s Undocumented APIs — A Backdoor to Reinstall Google Services
https://medium.com/@topjohnwu/huaweis-undocumented-apis-a-backdoor-to-reinstall-google-services-c3a5dd71a7cd
A
17:45
Android Security & Malware
Eight vulnerabilities found in the Android operating system's VoIP components
https://www.zdnet.com/article/academics-find-eight-vulnerabilities-in-androids-voip-components/
2 October 2019
A
02:16
Android Security & Malware
Popular Android malware seen in September 2019 with samples
http://skptr.me/malware_timeline_2019.html
Samples: https://github.com/sk3ptre/AndroidMalware_2019
A
06:30
Android Security & Malware
Detailed analysis of RCE vulnerability in WhatsApp via receiving malicious .GIF

Patched in WhatsApp v2.19.244
https://awakened1712.github.io/hacking/hacking-whatsapp-gif-rce/
Video demo: https://drive.google.com/file/d/1T-v5XG8yQuiPojeMpOAG6UGr2TYpocIj/view
A
12:38
Android Security & Malware
The State of Stalkerware in 2019

Increase of mobile Stalkerware. Based on Kaspersky, there is more Stalkerware detected in 2019 than in 2018.
https://securelist.com/the-state-of-stalkerware-in-2019/93634/
3 October 2019
A
02:52
Android Security & Malware
Bad OpSec led to the botnet’s discovery — revealing 800,000 victims in Russia
https://threatpost.com/virus-bulletin-geost-android-botnet/148864/
A
04:39
Android Security & Malware
T
The Bug Bounty Hunter 03.10.2019 04:05:35
URL Bar Spoofing Flaw in Safari for iOS 12.3 and iOS 13 Beta | CVE-2019–8727
https://medium.com/@justm0rph3u5/url-bar-spoofing-in-safari-for-ios-12-3-and-ios-13-beta-cve-2019-8727-d87490f8ee29
A
07:43
Android Security & Malware
Statistics and analysis of "Hqwar" Android Banking malware family
https://securelist.com/hqwar-the-higher-it-flies-the-harder-it-drops/93689/
4 October 2019
A
02:41
Android Security & Malware
Kernel privilege escalation bug in Android affecting fully patched Pixel 2 & others
The bug was allegedly being used or sold by the NSO Group.
Local PoC exploit included. CVE-2019-2215
https://bugs.chromium.org/p/project-zero/issues/detail?id=1942
A
04:54
Android Security & Malware
Spy campaign against handpicked political, social activists, high-profile journalists and members of non-profit organizations in Egypt.
One of the spy apps was found on Google Play with 5,000+ installs.
https://research.checkpoint.com/the-eye-on-the-nile/
A
14:00
Android Security & Malware
GEOST BOTNET - ANALYSIS OF A NEW ANDROID BANKING TROJAN FROM AN OPSEC ERROR
http://public.avast.com/research/VB2019-Garcia-etal.pdf
A
18:28
Android Security & Malware
5 October 2019
A
03:02
Android Security & Malware
7 October 2019
A
02:44
Android Security & Malware
A
12:57
Android Security & Malware
How to modify iOS app with Frida to use Meterpreter
https://sensepost.com/blog/2019/mettle-your-ios-with-frida/
A
18:49
Android Security & Malware
A Run-Time Approach For Pen-Testing IOS Applications Part-II (Objection In Action)
https://blog.securelayer7.net/a-run-time-approach-for-pen-testing-ios-applications-part-ii-objection-in-action/
8 October 2019
A
02:14
Android Security & Malware
A
08:30
Android Security & Malware
Android Malware Tracker of 18 malware families
https://github.com/jacobsoo/amtracker
08:35
Vulnerable Twitter API of iOS apps may lead to possible MITM attack

The Twitter Kit framework through 3.4.2 for iOS does not properly validate the api.twitter.com SSL certificate. CVE-2019-16263
https://blog.appicaptor.com/2019/10/04/vulnerable-library-warning-twitterkit-for-ios/
A
10:52
Android Security & Malware
Fake Antivirus Found on Google Play 100,000+ Installs
https://twitter.com/ReBensk/status/1181544987151855616
9 October 2019
A
03:10
Android Security & Malware
HiddenApp Trojans that hide their presence and display ads found on Google Play: discovered 15 apps with over 1,300,000 installs
https://news.sophos.com/en-us/2019/10/08/icon-hiding-android-adware-returns-to-the-play-market/
A
05:10
Android Security & Malware
Doctor Web’s overview of malware detected on mobile devices in September 2019
https://news.drweb.com/show/?i=13446&lng=en
10 October 2019
A
02:52
Android Security & Malware
Two spy apps that steal contact list found on Google Play with 110+ installs
https://twitter.com/s_metanka/status/1181192866875559936
A
03:11
Android Security & Malware
New Joker Trojan app with 100,000+ installs found on Google Play
https://twitter.com/s_metanka/status/1181592422796664837
12 October 2019
14 October 2019
A
09:55
Android Security & Malware
Google has removed 29 popular Android apps with a total of more than 10 million downloads from Google Play store
https://m.gadgetsnow.com/slideshows/delete-these-29-popular-apps-from-your-android-phone-right-now/amp_photolist/71573856.cms
A
11:53
Android Security & Malware
Adware app with 10,000+ installs on Google Play
https://twitter.com/ReBensk/status/1183742308652466178?s=19
15 October 2019
A
13:29
Android Security & Malware
Joker Trojan found on Google Play with 10,000+ installs
https://twitter.com/sh1shk0va/status/1184054662003134464?s=19
16 October 2019
A
06:48
Android Security & Malware
Seven HiddenApp Trojans with 190,000+ installs found on Google Play
https://twitter.com/0xabc0/status/1184373381086531584
A
10:42
Android Security & Malware
Subscription scam with 1,000,000+ installs requests €94.99 per week after 3 day free trial
https://twitter.com/fs0c131y/status/1184414820281540608?s=19
17 October 2019
A
03:14
Android Security & Malware
A
05:08
Android Security & Malware
A
08:22
Android Security & Malware
Checkrain fake iOS jailbreak leads to click fraud
https://blog.talosintelligence.com/2019/10/checkrain-click-fraud.html
A
15:20
Android Security & Malware
Fake Antivirus on Google Play with 1,000+ installs
https://twitter.com/ReBensk/status/1184830278532882433?s=19
15:26
Subscription scams found on Google Play

26 apps with 8,000,000+ installs
https://twitter.com/fs0c131y/status/1184447437781557248?s=19
18 October 2019
A
02:43
Android Security & Malware
Clicker for Android subscribes users to paid services #Joker #Malware
https://news.drweb.com/show/?i=13464&lng=en
02:48
Hiddad app found on Google Play 100,000+ Installs
https://twitter.com/ReBensk/status/1185065215416623104
A
03:11
Android Security & Malware
UC Browser downloaded a third-party app store over unsecured channels
https://www.zscaler.com/blogs/research/uc-browser-app-abuses-may-have-exposed-500-million-users
19 October 2019
A
04:02
Android Security & Malware
HiddenApp found on Google Play with 500,000+ installs
https://twitter.com/ReBensk/status/1185188429518139392?s=19
21 October 2019
A
08:18
Android Security & Malware
Joker Trojan found on Google Play

Three apps with 20,000+ installs
https://twitter.com/ReBensk/status/1186227496460513280
A
13:09
Android Security & Malware
A
20:28
Android Security & Malware
22 October 2019
A
04:03
Android Security & Malware
New variant of Gustuff - Android banking malware
https://blog.talosintelligence.com/2019/10/gustuffv2.html
A
10:37
Android Security & Malware
Fake Swisscom CSIRT app luring credentials found on Google Play
https://twitter.com/swisscom_csirt/status/1186528018740793344
A
10:57
Android Security & Malware
Joker Trojan found on Google Play

Joker misuses notification access to steal received SMS messages containing verification codes in order to subscribe to services

Found: 29 apps with 280,000+ installs
https://blog.trendmicro.com/trendlabs-security-intelligence/fake-photo-beautification-apps-on-google-play-can-read-sms-verification-code-to-trigger-wireless-application-protocol-wap-carrier-billing/
23 October 2019
A
09:26
Android Security & Malware
New Android Banking Trojan Family - Ginp
https://twitter.com/sh1shk0va/status/1186968376930897926
24 October 2019
A
07:00
Android Security & Malware
Tracking down the developer of Android adware affecting millions of users #OSINT

42 Android adware apps on Google Play with 8,000,000+ installs
https://www.welivesecurity.com/2019/10/24/tracking-down-developer-android-adware/
A
10:43
Android Security & Malware
Discovered 17 apps on the Apple App Store that are infected with clicker Trojan malware
https://www.wandera.com/mobile-security/ios-trojan-malware/
25 October 2019
A
02:10
Android Security & Malware
NFC Beaming could bypass “install unknown application” prompt to install apps on Android 8 and higher - CVE-2019-2114
https://wwws.nightwatchcybersecurity.com/2019/10/24/nfc-beaming-bypasses-security-controls-in-android-cve-2019-2114/
27 October 2019
A
08:24
Android Security & Malware
ANDROID HACKING WITH TERMUX

How to setup and install all the necessary tools
https://dotweak.com/2019/10/12/android-hacking-with-termux-QldEN2RLSU9rc2VOZUJjREEzeWlSdz09
28 October 2019
A
07:17
Android Security & Malware
Four Joker Trojans found on Google Play with 16,000+ installs
https://twitter.com/sh1shk0va/status/1188754354779672576
29 October 2019
A
08:14
Android Security & Malware
102 adware apps with over 440,000 installs on Google Play
https://twitter.com/0xabc0/status/1189132270256513025
30 October 2019
A
03:19
Android Security & Malware
Xhelper: Persistent Android dropper app infects 45K devices in past 6 months

Functionality: it hides itself, can download additional apps and display ads
https://www.symantec.com/blogs/threat-intelligence/xhelper-android-malware
A
07:09
Android Security & Malware
Analysis of Joker Trojans found on Google Play
https://labs.k7computing.com/?p=19247
31 October 2019
A
03:06
Android Security & Malware
Top Android malware threats of October, 2019
Full list: http://skptr.me/malware_timeline_2019.html
Download: - https://github.com/sk3ptre/AndroidMalware_2019
2 November 2019
A
05:45
Android Security & Malware
ai.type keyboard app from Google Play contained AdFraud functionality to make ad clicks and unwanted purchases
https://www.upstreamsystems.com/secure-d-uncovers-suspicious-mobile-transactions-android-keyboard-app-ai-type-generating-non-human-clicks-making-unwanted-purchases/
A
08:37
Android Security & Malware
MESSAGETAP: Tool created by APT41 (a Chinese APT group) that is designed to monitor and save SMS traffic from specific phone numbers
https://www.fireeye.com/blog/threat-research/2019/10/messagetap-who-is-reading-your-text-messages.html
4 November 2019
A
08:30
Android Security & Malware
apk-mitm - tool that patches your APK to bypass certificate pinning
https://github.com/shroudedcode/apk-mitm
5 November 2019
A
10:00
Android Security & Malware
1 Click Android 10 Remote Rooting via Chrome Browser by @ThomasKing2014
https://youtu.be/2pNsCi0T9MI
7 November 2019
A
08:35
Android Security & Malware
The App Defense Alliance: Bringing the security industry together to fight bad apps

ESET + Lookout + Zimperium will help protect apps on Google Play Store
https://security.googleblog.com/2019/11/the-app-defense-alliance-bringing.html
A
12:48
Android Security & Malware
Droppers downloading adware found on Google Play
https://www.wandera.com/mobile-security/dropper-apps/
9 November 2019
A
07:57
Android Security & Malware
Joker Trojan now uses ads on YouTube to spread
https://twitter.com/0xabc0/status/1193089908946153472?s=19
A
10:16
Android Security & Malware
Vulnerabilities found in Android baseband firmware could be exploited via AT commands on vulnerable devices to: get unique identifiers, such as their IMEI and IMSI numbers; downgrade a target’s connection in order to intercept phone calls; forward calls to another phone; or block all phone calls and internet access altogether.
https://techcrunch.com/2019/11/08/android-baseband-flaws/
Research: https://www.documentcloud.org/documents/6543391-ATFuzzer.html
11 November 2019
12 November 2019
A
03:29
Android Security & Malware
T
The Bug Bounty Hunter 11.11.2019 19:44:20
Configuring Frida with BurpSuite and Genymotion to bypass Android SSL Pinning
https://spenkk.github.io/bugbounty/Configuring-Frida-with-Burp-and-GenyMotion-to-bypass-SSL-Pinning/
13 November 2019
A
06:30
Android Security & Malware
Doctor Web’s overview of mobile malware in October 2019
https://news.drweb.com/show/?i=13512&lng=en
A
11:41
Android Security & Malware
VirtualXposed
A simple App based on VirtualApp and epic that allows you to use an Xposed Module without needing to root, unlock the bootloader, or flash a custom system image. (Supports Android 5.0~9.0)
https://github.com/android-hacker/VirtualXposed
14 November 2019
A
05:06
Android Security & Malware
RCE Vulnerability found in Android
CVE-2019-2205 - memory corruption due to a use after free could lead to RCE
It was fixed in the latest Android Security Bulletin—November 2019. Update!
https://www.nowsecure.com/blog/2019/11/13/nowsecure-discovers-critical-android-vuln-that-may-lead-to-remote-code-execution/
A
10:44
Android Security & Malware
The Road to Qualcomm TrustZone Apps Fuzzing
Vulnerability allows executing trusted apps in the Normal World (Android OS)
https://research.checkpoint.com/the-road-to-qualcomm-trustzone-apps-fuzzing/
15 November 2019
A
05:39
Android Security & Malware
iOS sandbox escape due to integer overflow in mediaserverd
Fixed in iOS 13.2.
https://bugs.chromium.org/p/project-zero/issues/detail?id=1922
05:48
Library created to secure iOS apps in development process according to the OWASP MASVS standards.
With this library you can detect:
- Jailbreak
- being debugged
- Reverse Engineering Tools (e.g. Frida)
- Run in an emulator
https://github.com/securing/IOSSecuritySuite
05:54
Don't trust USB charging stations!
LA officials publish warning about the dangers of using public USB charging stations -- as they can hide malware

Their advice:
- use the AC charging socket, not the USB one
- bring your own USB charger from home
via @campuscodi
https://www.zdnet.com/google-amp/article/officials-warn-about-the-dangers-of-using-public-usb-charging-stations/
A
12:53
Android Security & Malware
Google sheet to track Joker/Adware/HiddenAd/etc. created by @0xabc0
If you find such malware, let him know via Twitter DM
https://docs.google.com/spreadsheets/d/15Vf8mRfCjPy0m_7CbM--luBFu4iUNHS9CPkNbEGPXhs/edit
DM: https://twitter.com/0xabc0
16 November 2019
A
05:02
Android Security & Malware
In September, a new iPhone Boot ROM exploit was released that allows anyone with physical control of a phone to run arbitrary code.
However, iVerify alerts you to security anomalies
https://blog.trailofbits.com/2019/11/14/introducing-iverify-the-security-toolkit-for-iphone-users/
iVerify app: https://apps.apple.com/us/app/iverify/id1466120520
A
07:57
Android Security & Malware
RCE in WhatsApp - CVE-2019-11931
Description: A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user.
https://facebook.com/security/advisories/cve-2019-11931
08:04
Buying a new Android phone that already comes with pre-installed vulnerabilities

Android Firmware Vulnerabilities - November 2019
https://www.kryptowire.com/android-firmware-2019/
20 November 2019
A
05:31
Android Security & Malware
Vulnerability in Google's camera app allowed 3rd party apps to take pictures and video without user knowledge or permission. CVE-2019-2234
https://www.checkmarx.com/blog/how-attackers-could-hijack-your-android-camera
A
07:20
Android Security & Malware
Instagram stalker app Ghosty that takes advantage of Instagram's API to spy on users was removed from Google Play
https://www.androidpolice.com/2019/11/19/instagram-private-accounts-viewer-app/
21 November 2019
A
08:11
Android Security & Malware
Ginp - new Android banking Trojan that reuses parts of Anubis source code
First time spotted in June 2019
https://www.threatfabric.com/blogs/ginp_a_malware_patchwork_borrowing_from_anubis.html
22 November 2019
A
06:12
Android Security & Malware
Analysis of use-after-free in Binder vulnerability - CVE-2019-2215

This exploit was used in-the-wild to install NSO group malware - Pegasus.
The bug is a local privilege escalation vulnerability that allows for a full compromise of a vulnerable device. If chained with a browser renderer exploit, this bug could fully compromise a device through a malicious website.
https://googleprojectzero.blogspot.com/2019/11/bad-binder-android-in-wild-exploit.html
A
07:00
Android Security & Malware
How Do Mobile Ad Fraud Scams Work?

1) Click Fraud
2) Click-jacking
3) Device Hijacking
4) Device Emulation
5) IP Emulation
https://lab.secure-d.io/mobile-ad-frauds-most-sophisticated-scams/
A
09:17
Android Security & Malware
Old vulnerabilities are still present in Android apps such as Yahoo Browser, Facebook, Instagram and WeChat
https://research.checkpoint.com/2019/long-known-vulnerabilities-in-high-profile-android-applications/
23 November 2019
A
06:20
Android Security & Malware
Smartphone maker OnePlus discloses data breach

> says hackers accessed some OnePlus customer data through a vulnerability in its website
> hack happened last week
> OnePlus says it's opening a bug bounty program next month
Via @campuscodi
https://www.zdnet.com/google-amp/article/smartphone-maker-oneplus-discloses-data-breach/
A
07:10
Android Security & Malware
The Analyst’s Guide to MiTM Issues in Mobile Apps

1 in 5 Android apps use HTTP
1 in 7 iOS apps use HTTP
https://www.nowsecure.com/blog/2019/11/20/the-analysts-guide-to-mitm-issues-in-mobile-apps/
26 November 2019
A
03:35
Android Security & Malware
Analysis of Tushu SDK present in some HiddenAds Trojans
https://www.whiteops.com/blog/twoshu-electric-boogaloo
A
12:25
Android Security & Malware
XSS spoofing vulnerability found in Microsoft's Outlook for Android | CVE-2019-1460
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1460
A
19:54
Android Security & Malware
HackerOne is looking for a Mobile Security Engineer

// I never thought I would post a job offer in here, but this might help someone move further in the mobile infosec field
https://jobs.lever.co/hackerone/316d0fbd-cf24-41be-a3e2-5180f62f3658
A
20:41
Android Security & Malware
Frida/QBDI Android API Fuzzer

Experimental fuzzer meant to be used for in-memory API fuzzing on Android.
https://github.com/andreafioraldi/frida-qbdi-fuzzer
27 November 2019
A
04:47
Android Security & Malware
04:56
Compromise of Xiaomi Mi6 over WiFi to achieve RCE

Bug chaining:
MITM -> JavaScript Bridge (downloadAndInstallApk()) -> Contact Provider vulnerability (auto-start APK) -> RCE
https://labs.f-secure.com/advisories/xiaomi-wifi/
A
05:37
Android Security & Malware
Malicious Android SDKs - oneAudience and MobiBurn - accessed personal data, such as email addresses and user names.

These SDKs were embedded in Twitter and Facebook Android apps
https://help.twitter.com/en/sdk-issue
A
06:46
Android Security & Malware
Analysis of Tencent Legu: a packer for Android applications
https://blog.quarkslab.com/a-glimpse-into-tencents-legu-packer.html
unpacking scripts: https://github.com/quarkslab/legu_unpacker_2019
A
07:47
Android Security & Malware
CVE-2019-11932 (double free in libpl_droidsonroids_gif) many apps vulnerable
https://seclists.org/fulldisclosure/2019/Nov/27
A
08:40
Android Security & Malware
NetHunter Kex – Full Kali Desktop on Android phones

NetHunter Kex allows you to attach your Android device to an HDMI output along with Bluetooth keyboard and mouse and get a full, no compromise, Kali desktop from your phone.
https://www.kali.org/news/kali-linux-2019-4-release/
28 November 2019
29 November 2019
A
11:18
Android Security & Malware
Mobile threat statistics in Q3 2019 by Kaspersky

▪️870,617 malicious installs detected in total
▪️Hiddenapp is one of the most prevalent Android malware families
▪️13,129 detected mobile banking Trojans
▪️13,179 detected mobile ransomware
https://securelist.com/it-threat-evolution-q3-2019-statistics/95269/
30 November 2019
A
18:31
Android Security & Malware
Checkm8, Checkra1n and the new "golden age" for iOS Forensics
http://blog.digital-forensics.it/2019/11/checkm8-checkra1n-and-new-golden-age.html
1 December 2019
A
13:25
Android Security & Malware
Database with millions of SMS text messages has been found online

The database was left unprotected on the internet without a password, none of the data was encrypted and anyone could look inside. #TrueDialog
https://www.vpnmentor.com/blog/report-truedialog-leak/
A
17:32
Android Security & Malware
Session Expiration Bypass in Facebook Creator App
https://link.medium.com/bzpIZQ2z41
2 December 2019
A
18:41
Android Security & Malware
Android StrandHogg vulnerability

Vulnerability allows malicious app to masquerade as any other app on the device.
So, if you launch Facebook, malware is executed.
https://promon.co/security-news/strandhogg/
Video demo: https://twitter.com/LukasStefanko/status/1201597521560244225
3 December 2019
A
02:58
Android Security & Malware
Exploiting unpatched Android StrandHogg vulnerability demo
https://youtu.be/yI0Xh5Oc0x4
5 December 2019
A
07:31
Android Security & Malware
[updated] Android App Reverse Engineering 101
https://maddiestone.github.io/AndroidAppRE/
A
19:26
Android Security & Malware
Chasing the Joker

Android SMS subscription bot distributed over Google Play #slides
https://docs.google.com/presentation/d/1sFGAERaNRuEORaH06MmZKeFRqpJo1ol1xFieUa1X_OA/edit#slide=id.p1
6 December 2019
7 December 2019
A
14:54
Android Security & Malware
DeStroid
Fighting String Encryption in Android Malware
https://github.com/fkie-cad/DeStroid/blob/master/DeStroid_bonus_slides.pdf
10 December 2019
A
17:34
Android Security & Malware
Venus malware family found on Google Play targets carrier billing and advertising
https://www.evina.fr/evina-security-analyst-found-a-new-trojan-family-on-google-play/
11 December 2019
A
06:41
Android Security & Malware
SockPuppet: A Walkthrough of a Kernel Exploit for iOS 12.4
https://googleprojectzero.blogspot.com/2019/12/sockpuppet-walkthrough-of-kernel.html
A
09:29
Android Security & Malware
Doctor Web’s overview of mobile malware detected in November 2019
https://news.drweb.com/show/?i=13558&lng=en
13 December 2019
A
11:44
Android Security & Malware
AndroidProjectCreator: Open an APK in Android Studio project
https://t.co/4diAmkM3oj?amp=1
A
20:47
Android Security & Malware
f
fs0c131y - Official Channel 13.12.2019 09:31:57
Frida API Fuzzer to fuzz APIs of Android apps https://github.com/andreafioraldi/frida-fuzzer
14 December 2019
A
07:43
Android Security & Malware
Android Malware Sandbox

Modular sandbox for quickly sandboxing known or unknown families of Android malware
https://github.com/Areizen/Android-Malware-Sandbox
A
08:24
Android Security & Malware
Joker found on Google Play had victims in UAE

Android users in the UAE reported charges of more than AED 1000 per year from unwanted subscriptions
http://www.dubaichronicle.com/2019/12/14/uae-android-users-alert-scams-associated-with-mobile-apps/
A
17:01
Android Security & Malware
Adware on Google Play in apps with more than 16,100,000 installs in total
https://twitter.com/sh1shk0va/status/1205510874250825728?s=19
15 December 2019
A
10:23
Android Security & Malware
10:29
Android banking trojan has been spreading in Brazil 🇧🇷 as Google System apps
[1] https://twitter.com/ThreatFabric/status/1205817445564526592?s=19
[2] https://twitter.com/DbgShell/status/1205949571924398080?s=19
A
17:28
Android Security & Malware
Andriller is now open-source

Andriller is a software utility with a collection of forensic tools for smartphones.
- Lockscreen cracking for Pattern, PIN code, or Password
- custom decoders for Apps data from Android (some Apple iOS & Windows) databases for decoding communications
https://github.com/den4uk/andriller
16 December 2019
A
07:02
Android Security & Malware
Android beta version of Shodan.io app
You can download APK from here: https://github.com/PaulSec/Shodan.io-mobile-app
17 December 2019
A
06:26
Android Security & Malware
Exploiting Trusted Apps in Samsung’s TEE
https://vimeo.com/335947683
A
07:26
Android Security & Malware
f
fs0c131y - Official Channel 17.12.2019 06:45:34
Evolution of Android Binary Hardening https://cyber-itl.org/2019/12/16/android-evolution.html
A
08:58
Android Security & Malware
WhatsApp bug

Sending a custom message will crash the WhatsApp application on every phone that is a member of this group.
The bug will crash the app and it will continue to crash even after we reopen WhatsApp, resulting in a crash loop.
https://research.checkpoint.com/2019/breakingapp-whatsapp-crash-data-loss-bug/
Video demo: https://youtu.be/u-sGONBNrwg
WhatsApp Manipulation Tool: https://github.com/romanzaikin/BurpExtension-WhatsApp-Decryption-CheckPoint
A
09:47
Android Security & Malware
A Deep Dive Into Samsung's TrustZone (Part 2)
Various tools presented and developed that helped reverse engineer and exploit Trusted Applications as well as Secure Drivers
https://blog.quarkslab.com/a-deep-dive-into-samsungs-trustzone-part-2.html
A
22:13
Android Security & Malware
Jailbreaking – Checkra1n Configuration #iOS
https://aboutdfir.com/jailbreaking-checkra1n-configuration/
22:19
Tested Ring’s Cameras Security

It is making it much easier for hackers to reach cameras in people's homes
- no checks from unknown IP
- no captcha for bruteforcing
- doesn't show who is logged in, so hacker can sit silently via @josephfcox
https://www.vice.com/amp/en_us/article/epg4xm/amazon-ring-camera-security
18 December 2019
19 December 2019
A
13:59
Android Security & Malware
Reverse Engineering Resource Collection including Android & iOS
3000+ open source tools, ~600 blog posts.
https://github.com/alphaSeclab/awesome-reverse-engineering/blob/master/Readme_en.md
A
20:41
Android Security & Malware
T
The Bug Bounty Hunter 19.12.2019 18:14:55
Android Smartphone manufacturer #OnePlus launches an official 'Bug Bounty Program' with rewards up to $7000 for reporting security vulnerabilities.

security.oneplus.com/index.html

Special cases: up to $7,000
Critical: $750 - $1,500
High: $250 - $750
Medium: $100 - $250
Low: $50 - $100
20 December 2019
A
07:53
Android Security & Malware
Android Root Detection Bypass By Manual Code Manipulation (repacking)
https://medium.com/@sarang6489/root-detection-bypass-by-manual-code-manipulation-5478858f4ad1
A
08:32
Android Security & Malware
BFU Extraction: Forensic Analysis of Locked and Disabled iPhones
https://blog.elcomsoft.com/2019/12/bfu-extraction-forensic-analysis-of-locked-and-disabled-iphones/
21 December 2019
22 December 2019
23 December 2019
A
04:01
Android Security & Malware
Analysis of ToTok iOS application from App Store
-checkra1n
-iProxy
-Frida
https://objective-see.com/blog/blog_0x52.html
A
09:25
Android Security & Malware
Android Malware Scoring System
An Obfuscation-Neglect Android Malware Scoring System
https://github.com/quark-engine/quark-engine
A
13:45
Android Security & Malware
Checkra1n Era - Ep 5 - Automating extraction and processing
https://blog.digital-forensics.it/2019/12/checkra1n-era-ep-5-automating.html
24 December 2019
A
06:48
Android Security & Malware
Total mobile surveillance
Your smartphone can broadcast your exact location thousands of times per day, through hundreds of apps, instantaneously to dozens of different companies. Each of those companies has the power to follow individual mobile phones wherever they go, in near-real time.
https://www.nytimes.com/interactive/2019/12/21/opinion/location-data-privacy-rights.html
06:53
3 Steps to Protect Your Phone

1. Stop sharing your location with apps
2. Disable your mobile ad ID
3. Prevent Google from storing your location
https://www.nytimes.com/interactive/2019/12/19/opinion/location-tracking-privacy-tips.html
27 December 2019
A
06:13
Android Security & Malware
A security researcher said he has matched 17 million phone numbers to Twitter user accounts by exploiting a flaw in Twitter’s Android app
https://techcrunch.com/2019/12/24/twitter-android-bug-phone-numbers/
29 December 2019
30 December 2019
A
00:10
Android Security & Malware
Reverse Engineering of Looney Tunes: Carrot Crazy game
Part 1 - Passwords #retro #GameBoy
https://www.huderlem.com/blog/posts/carrot-crazy-1/
A
06:55
Android Security & Malware
Twitter for Android could allow a bad actor to see nonpublic account information or to control your account (i.e., send Tweets or Direct Messages)
https://privacy.twitter.com/en/blog
A
11:04
Android Security & Malware
11:10
Untethering iOS
Running unsigned code at boot on iOS 11. I will demonstrate how you can start out with a daemon config file and end up with kernel code execution
https://media.ccc.de/v/36c3-11034-tales_of_old_untethering_ios_11
A
11:26
Android Security & Malware
Potential risks of secure messaging system
Dive into end-to-end encryption, OTR and deniability, and then the axolotl construction used by Signal #presentation
https://media.ccc.de/v/36c3-10565-what_s_left_for_private_messaging
31 December 2019
A
11:05
Android Security & Malware
Lesser-known Tools for Android Application PenTesting

-Magisk + modules
-DisableFlagSecure
-AdbManager
-ProxyDroid
-pidcat
-resize
https://captmeelo.com/pentest/2019/12/30/lesser-known-tools-for-android-pentest.html
A
12:12
Android Security & Malware
Mobile Security Framework (MobSF) v3 (released in December 2019)

-OWASP Mobile Top 10 2016 is supported
-iOS & Android Analysis improved
http://mobsf.github.io/Mobile-Security-Framework-MobSF/changelog.html
2 January 2020
A
07:19
Android Security & Malware
Android malware threats of December, 2019
Full list - http://skptr.me/malware_timeline_2019.html
Download samples - https://github.com/sk3ptre/AndroidMalware_2019
A
07:53
Android Security & Malware
You no longer have to manually package the Frida Gadget in your target app. As long as the app is debuggable, Frida does that for you
https://www.nowsecure.com/blog/2020/01/02/how-to-conduct-jailed-testing-with-frida/
3 January 2020
5 January 2020
A
07:39
Android Security & Malware
AirDoS: Spam all nearby iOS devices with the AirDrop share popup
https://kishanbagaria.com/airdos/
PoC: https://github.com/KishanBagaria/AirDoS
6 January 2020
8 January 2020
A
05:27
Android Security & Malware
What an interesting vulnerability in HockeyApp platform #Android #iOS #BugBounty

Leaked API key allowed:
-fetch internal employee contacts
-distribute #malware directly to devices of organization employees as internal app update

+PoC Metasploit scenario
https://www.allysonomalley.com/2020/01/06/saying-goodbye-to-my-favorite-5-minute-p1/
A
07:45
Android Security & Malware
CSRF + XSS + SMS spoofing + Android deep link URL redirection

Great example of chaining low impact vulnerabilities in #TikTok to remotely manipulate account content

-delete user video
-upload user video
-make "private" videos "public"
https://research.checkpoint.com/2020/tik-or-tok-is-tiktok-secure-enough/
9 January 2020
A
14:07
Android Security & Malware
AdFraud malware found on Google Play with 100K installs
https://www.evina.fr/a-malware-rises-to-the-top-applications-in-google-play-store/
A
16:23
Android Security & Malware
Android smartphone - UMX U686CL - comes with preinstalled and unremovable malware.
The sale of this phone is funded by the US government for lower-income people.
https://blog.malwarebytes.com/android/2020/01/united-states-government-funded-phones-come-pre-installed-with-unremovable-malware/
A
17:13
Android Security & Malware
T
The Bug Bounty Hunter 09.01.2020 15:29:20
Remote iPhone Exploitation Part 1: Poking Memory via iMessage and CVE-2019-8641
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html
A
17:31
Android Security & Malware
T
The Bug Bounty Hunter 09.01.2020 17:15:44
Remote iPhone Exploitation Part 2: Bringing Light into the Darkness -- a Remote ASLR Bypass https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-2.html
A
17:32
Android Security & Malware
T
The Bug Bounty Hunter 09.01.2020 17:16:17
Remote iPhone Exploitation Part 3: From Memory Corruption to JavaScript and Back -- Gaining Code Execution https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-3.html
A
17:57
Android Security & Malware
Reverse engineering and modifying an Android game — CTF https://link.medium.com/3j3UHWdj72
A
19:16
Android Security & Malware
Joker Trojan Family history by Google

-tracked since 2017
-removed 1.7K unique apps before going public
-SMS fraud then WAP billing (as we know Joker now)
-at peak, 23 different Jokers submitted in one day to Google Play
https://security.googleblog.com/2020/01/pha-family-highlights-bread-and-friends.html
10 January 2020
A
21:52
Android Security & Malware
Memory corruption vulnerability in audio processing during a voice call in #WeChat app

Report includes PoC code + steps how to reproduce the bug
https://bugs.chromium.org/p/project-zero/issues/detail?id=1948
11 January 2020
A
08:53
Android Security & Malware
Researchers find that 17 of 140 major online services are vulnerable to SIM swapping attacks
https://www.zdnet.com/article/academic-research-finds-five-us-telcos-vulnerable-to-sim-swapping-attacks/
12 January 2020
A
08:18
Android Security & Malware
"Research shows that 91% of pre-installed apps do not appear in Google Play"

Privacy International and over 50 other organisations have submitted a letter asking Google to take action against exploitative pre-installed software on Android devices.
http://privacyinternational.org/advocacy/3320/open-letter-google
A
08:40
Android Security & Malware
Android Trojan Shopper

It can disable the Google Play Protect service, generate fake reviews, install malicious apps, show ads, and more
https://securelist.com/smartphone-shopaholic/95544/
A
08:59
Android Security & Malware
Updated House (runtime mobile application analysis toolkit) can hook functions in dynamically loaded dex/jar files
https://github.com/nccgroup/house
13 January 2020
A
21:37
Android Security & Malware
How to make your Android app network communication secure
https://infinum.com/the-capsized-eight/how-to-prepare-your-android-app-for-a-pentest
14 January 2020
A
18:19
Android Security & Malware
Subscription scams found on Google Play -
25 apps with almost 600M installs
https://news.sophos.com/en-us/2020/01/14/fleeceware-apps-persist-on-the-play-store/
15 January 2020
A
11:52
Android Security & Malware
All iPhones running iOS 10 or later can now be used as hardware security keys for Google accounts
https://www.zdnet.com/article/you-can-now-use-an-iphone-as-a-security-key-for-google-accounts/
Step-by-step tutorial: https://support.google.com/accounts/answer/9289445
A
13:00
Android Security & Malware
Seventeen Android HiddenAd Trojans Found in Google Play With Total Over 550K Downloads
https://labs.bitdefender.com/2020/01/seventeen-android-nasties-spotted-in-google-play-total-over-550k-downloads/
16 January 2020
17 January 2020
A
11:20
Android Security & Malware
Vulnerability in Android OneDrive app allowed bypassing the passcode or fingerprint
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0654
18 January 2020
A
07:06
Android Security & Malware
Chinese phone maker OPPO partners with #HackerOne to launch bug bounty program
https://security.oppo.com/en/
19 January 2020
A
09:09
Android Security & Malware
How to write an #iOS program that renders arbitrary strings to the #iPhone screen by directly modifying the framebuffer pixels https://link.medium.com/REb7yRhkn3
20 January 2020
A
05:01
Android Security & Malware
Exploiting SQL Injection in Android's Download Provider (CVE-2019-2198)

Blind SQL injection in Android's Download Provider will retrieve user cookies of downloaded file website (e.g. Gmail).
Patched in the November 2019 Android Security Bulletin.
PoC + info: https://github.com/IOActive/AOSP-DownloadProviderDbDumperSQLiWhere/
A
06:56
Android Security & Malware
Bruteforce password recovery code for Bumble #iOS app
https://hackerone.com/reports/743545
A
20:01
Android Security & Malware
Awesome GitHub Repos
1. Book of Secret Knowledge = https://lnkd.in/fWKCdi4
2. Awesome Hacking = https://lnkd.in/f7VPTEX
3. Awesome Bug Bounty = https://lnkd.in/fPrQiVD
4. Awesome Penetration Testing = https://lnkd.in/fAUZgu5
5. Awesome Web Hacking = https://lnkd.in/f5n2hSd
6. Awesome Hacking Resources = https://lnkd.in/fcJ6wFH
7. Awesome Pentest = https://lnkd.in/fNNSFeN
8. Awesome Red Teaming = https://lnkd.in/fGpievF
9. Awesome Web Security = https://lnkd.in/ffG73u2
10. Penetration Test Guide based on OWASP = https://lnkd.in/ffyBwzG
11. Pentest Compilation = https://lnkd.in/f5JwJTD
12. Infosec Reference = https://lnkd.in/fY6wNmX
21 January 2020
A
03:44
Android Security & Malware
Android Unpacking Automation (Docker + Frida)
https://github.com/corellium/corellium-android-unpacking
22 January 2020
A
12:34
Android Security & Malware
ProtonVPN is the first VPN provider to open source apps on all platforms (Windows, macOS, Android, and iOS) and undergo an independent security audit
https://github.com/ProtonVPN/android-app
A
16:36
Android Security & Malware
Stats of Android.Xiny trojan family

Installing applications without user permission has always been Android.Xiny's principal function. Thus, attackers can profit from pay-per-install referral programmes
https://news.drweb.com/show/?i=13627&lng=en
23 January 2020
A
05:36
Android Security & Malware
Forensic analysis of Jeff Bezos hacked #iPhoneX

The iPhone was exploited via a #WhatsApp vulnerability that probably triggered RCE.
A similar exploit was fixed in October 2019 - CVE-2019-11932 (double-free vulnerability) - but instead of video it was triggered by a GIF.
https://www.documentcloud.org/documents/6668313-FTI-Report-into-Jeff-Bezos-Phone-Hack.html
A
07:35
Android Security & Malware
Analysis of Opera for Android vulnerability to a sandboxed cross-origin iframe bypass attack (CVE-2019-19788)
https://blog.confiant.com/trending-client-side-innovations-in-malvertising-payloads-914d9f614ed1
24 January 2020
A
13:47
Android Security & Malware via @vote
What mobile OS are you using?
anonymous poll

Android – 408
👍👍👍👍👍👍👍 80%

iOS – 76
👍 15%

other – 10
▫️ 2%

Windows Mobile – 9
▫️ 2%

KaiOS – 5
▫️ 1%

👥 508 people voted so far.
A
15:17
Android Security & Malware
United Nations officials will not use #WhatsApp to communicate because it’s not supported as a secure mechanism #JeffBezos
https://www.reuters.com/article/us-un-whatsapp/u-n-says-officials-barred-from-using-whatsapp-since-june-2019-over-security-idUSKBN1ZM32P
27 January 2020
A
18:27
Android Security & Malware
Penetration Testing & Hacking Tools List (30+)

- Penetration Testing Resources
- Exploit Development
- OSINT Resources
- Anonymity Tools
- Social Engineering
- Reverse Engineering Tools
- Operating Systems
- Vulnerability Databases
- Penetration Testing Distributions
- Docker for Penetration Testing
- Multi-paradigm Frameworks
- Vulnerability Scanners
- Static Analyzers
- Web Scanners
- Network Tools
- Wireless Network Hacking Tools
- Transport Layer Security Tools
- Web Exploitation
- Hex Editors
- File Format Analysis Tools
- Defense Evasion Tools
- Hash Cracking
- Windows Utilities
- GNU/Linux Utilities
- macOS Utilities
- Lock Picking Resources
- CTF Tools
- Books
- Security Courses
https://itshackingnews.blogspot.com/2020/01/penetration-testing-hacking-tools.html
28 January 2020
A
04:16
Android Security & Malware
Ring doorbell app on Android shares its users' personal information with third-party companies

-names, email
-private IP addresses
-mobile network carriers
-persistent identifiers
-sensor data (magnetometer, gyroscope, accelerometer)
-etc.
https://www.eff.org/deeplinks/2020/01/ring-doorbell-app-packed-third-party-trackers
A
18:40
Android Security & Malware
30 January 2020
A
12:38
Android Security & Malware
Forensics detective says Android phones are now harder to crack than iPhones

"The tool could not extract any social media, internet browsing, or GPS data from devices such as the Google Pixel 2 and Samsung Galaxy S9. In the case of the Huawei P20 Pro, the cracking software literally got nothing."
https://www.androidauthority.com/android-encryption-forensics-1078668/
A
14:32
Android Security & Malware
Apple WebKit team aims to improve the security of one-time passcodes sent to users via SMS
https://www.zdnet.com/google-amp/article/apple-wants-to-standardize-the-format-of-sms-otps-one-time-passcodes/
31 January 2020
A
03:19
Android Security & Malware
Mobile Ad Fraud - A multi-billion dollar criminal enterprise
03:32
Popular Android Malware Threats - January, 2020
http://skptr.me/malware_timeline_2020.html
A
08:53
Android Security & Malware
The worst mistakes made by the law enforcement and iOS forensic experts
https://blog.elcomsoft.com/2020/01/the-worst-mistakes-in-ios-forensics/
A
16:18
Android Security & Malware
DeStroid - Fighting String Encryption in Android Malware
https://github.com/fkie-cad/DeStroid
1 February 2020
A
14:16
Android Security & Malware
Now you can root the Galaxy S9, Galaxy S9+ and Galaxy Note 9 using an exploit if you’re running Android 8.0 or 8.1 Oreo.
https://www.xda-developers.com/samsung-galaxy-s9-galaxy-note-9-snapdragon-root/
3 February 2020
A
03:35
Android Security & Malware
A
10:32
Android Security & Malware
4 February 2020
A
03:36
Android Security & Malware
Fugu - is the first open source jailbreak tool based on the checkm8 exploit #iOS
https://github.com/LinusHenze/Fugu
A
10:53
Android Security & Malware
5 February 2020
A
03:29
Android Security & Malware
In case you prefer to get Android InfoSec news on Facebook, we are there.
It is better for posting visuals and videos.
Feel free to like us https://facebook.com/AndroidInfoSec/
A
16:12
Android Security & Malware
Analyzing iOS WhatsApp Calls
Analysis of the network traffic + binary files + runtime behavior
https://link.medium.com/yi4uD2Q1P3
6 February 2020
A
05:32
Android Security & Malware
Overview of mobile malware detected in December 2019 by Doctor Web
https://news.drweb.com/show/review/?i=13641&lng=en
A
06:12
Android Security & Malware
MadDroid: Detecting Devious Ad Contents for Android Apps
https://arxiv.org/pdf/2002.01656.pdf
A
09:56
Android Security & Malware
A
18:27
Android Security & Malware
A
21:14
Android Security & Malware
Bluetooth Vulnerability in Android (CVE-2020-0022)

Bug allows an attacker to execute arbitrary code with the privileges of the Bluetooth daemon
https://insinuator.net/2020/02/critical-bluetooth-vulnerability-in-android-cve-2020-0022/
7 February 2020
A
08:53
Android Security & Malware
T
The Bug Bounty Hunter 07.02.2020 04:12:06
8 February 2020
A
17:13
Android Security & Malware
iOS exploit development series:

Part 1: Heap Exploit Development:
https://azeria-labs.com/heap-exploit-development-part-1/

Part 2: Heap Overflows and the iOS Kernel Heap
https://azeria-labs.com/heap-overflows-and-the-ios-kernel-heap/

Part 3: Grooming the iOS Kernel Heap
https://azeria-labs.com/grooming-the-ios-kernel-heap/
10 February 2020
A
16:26
Android Security & Malware
Elector app leaked personal information – ID, full name, address, and phone – of almost 6.5 million Israelis with voting rights
https://securityaffairs.co/wordpress/97603/data-breach/elector-app-israel-data-leak.html
11 February 2020
A
10:24
Android Security & Malware
Infographic Security: Mobile App Pentest
10:24
A
13:12
Android Security & Malware
rvi_capture
A utility to create packet capture dumps from iOS devices (for debugging network activity via Wireshark)
https://github.com/gh2o/rvi_capture
A
13:30
Android Security & Malware
A
17:05
Android Security & Malware
Overview of mobile malware detected in January 2020 by Doctor Web
https://news.drweb.com/show/?i=13669&lng=en
A
20:28
Android Security & Malware
Android security research, with focus on Arm TrustZone

Understanding Trusted Execution Environments and the Arm TrustZone Technology
https://azeria-labs.com/trusted-execution-environments-tee-and-trustzone/
12 February 2020
A
03:09
Android Security & Malware
The Mobile Hacking CheatSheet #Android #iOS
03:09
03:09
03:09
A
07:31
Android Security & Malware
How Google Play fought bad apps and malicious developers in 2019
https://android-developers.googleblog.com/2020/02/how-we-fought-bad-apps-and-malicious.html
A
16:09
Android Security & Malware
Android Trojan xHelper uses persistent re-infection tactics: here’s how to remove
https://blog.malwarebytes.com/android/2020/02/new-variant-of-android-trojan-xhelper-reinfects-with-help-from-google-play/
13 February 2020
A
04:16
Android Security & Malware
Memory corruption in Samsung's Android kernel (Galaxy A50, A505FN)
https://googleprojectzero.blogspot.com/2020/02/mitigations-are-attack-surface-too.html
A
19:58
Android Security & Malware
T
The Bug Bounty Hunter 13.02.2020 19:52:20
14 February 2020
A
05:20
Android Security & Malware
Analysis of techniques to bypass the Android Security Config control with Frida
https://neo-geo2.gitbook.io/adventures-on-security/frida/analysis-of-network-security-configuration-bypasses-with-frida
A
09:11
Android Security & Malware
15 February 2020
A
11:09
Android Security & Malware
A
12:32
Android Security & Malware
Malwarebytes Labs releases 2020 State of Malware Report
https://resources.malwarebytes.com/files/2020/02/2020_State-of-Malware-Report.pdf
12:32
12:32
A
12:41
Android Security & Malware
T
The Bug Bounty Hunter 15.02.2020 12:31:29
16 February 2020
A
12:04
Android Security & Malware
Shodan Pentesting Guide

Shodan is a tool for searching devices connected to the internet. Unlike search engines which help you find websites, Shodan helps you find information about desktops, servers, IoT devices, and more.
https://community.turgensec.com/shodan-pentesting-guide/
A
16:37
Android Security & Malware
Hamas Android Malware On IDF Soldiers
This MRAT (Mobile Remote Access Trojan) is disguised as a set of dating apps, “GrixyApp”, “ZatuApp”, and “Catch&See”.
https://research.checkpoint.com/2020/hamas-android-malware-on-idf-soldiers-this-is-how-it-happened/
17 February 2020
A
04:45
Android Security & Malware
Phishing campaign targeting mobile banking users
Nearly 4,000 victims fall for off-the-shelf, mobile-only phishing attack
https://blog.lookout.com/lookout-phishing-ai-reveals-mobile-banking-phishing-campaign
A
06:30
Android Security & Malware
WhatsApp bug allowed anyone who has the victim phone to read their contacts list without unlocking the device
Fixed in version 2.19.198
https://medium.com/bugbountywriteup/facebook-bug-bounty-reading-whatsapp-contacts-list-without-unlocking-the-device-a40e9c660a42
A
13:05
Android Security & Malware
T
The Bug Bounty Hunter 17.02.2020 11:46:05
Blind IDOR in LinkedIn iOS application
https://hailstorm1422.com/linkedin-blind-idor/
A
19:18
Android Security & Malware
Faketoken: full analysis of this dangerous banking Trojan
https://www.buguroo.com/en/blog/faketoken-full-analysis-of-this-dangerous-banking-trojan
18 February 2020
A
03:16
Android Security & Malware
iOS App Static Security Analysis using Frida
https://asciinema.org/a/302160
A
14:13
Android Security & Malware
ToTok app removed from Google Play for the second time
https://9to5google.com/2020/02/14/google-play-removes-totok/
A
16:11
Android Security & Malware
No Clicks Required - Exploiting Memory Corruption Vulnerabilities in Messenger Apps
https://saelo.github.io/presentations/offensivecon_20_no_clicks.pdf
A
17:18
Android Security & Malware
The Android Binder PoC exploit (CVE-2019-2215)
https://github.com/DimitriFourny/cve-2019-2215
19 February 2020
A
07:13
Android Security & Malware
A
18:19
Android Security & Malware
Tools and techniques required for iOS applications pentesting https://link.medium.com/Zm1K1eGpd4
20 February 2020
A
10:09
Android Security & Malware
29 iOS PDF file converter apps upload files via HTTP - Vulnerable to MitM attack
https://www.wandera.com/shadow-it-comet-docs/
A
19:30
Android Security & Malware
A ‘stalkerware’ Android app - KidsGuard - leaked phone data from thousands of victims
https://techcrunch.com/2020/02/20/kidsguard-spyware-app-phones/
21 February 2020
A
07:28
Android Security & Malware
Google removed 600 Android apps from Play Store for Serving Disruptive Ads

Disruptive ads: "Ads that are displayed to users in unexpected ways, including impairing or interfering with the usability of device functions"
https://security.googleblog.com/2020/02/disruptive-ads-enforcement-and-our-new.html
A
09:56
Android Security & Malware
A
10:12
Android Security & Malware
22 February 2020
A
08:06
Android Security & Malware
T
The Bug Bounty Hunter 22.02.2020 07:46:41
iOS app crashed by specially crafted direct message reactions https://hackerone.com/reports/784676
A
15:05
Android Security & Malware
T
The Bug Bounty Hunter 22.02.2020 07:45:41
Periscope android app deeplink leads to CSRF in follow action https://hackerone.com/reports/583987
23 February 2020
A
04:58
Android Security & Malware
T
The Bug Bounty Hunter 22.02.2020 23:12:03
A
15:48
Android Security & Malware
Over 400K private WhatsApp group invite links are exposed to search engines
https://www.xda-developers.com/whatsapp-search-engine-group-invite-links/
A
19:05
Android Security & Malware
24 February 2020
A
05:16
Android Security & Malware
Actor selling iOS 0day exploit chain.
includes:
1. Safari RCE
2. LPE - Kernel vulnerability
3. Jailbreak

Price : 2,000,000 Euros
https://twitter.com/underthebreach/status/1231830863362609154
A
05:41
Android Security & Malware
Awesome iOS Application Security Resources
https://enciphers.com/awesome-ios-application-security/
A
08:09
Android Security & Malware
Bypassing OkHttp Certificate Pinning via Android app patching
Lesson Learned: Always keep an eye on the system log while running the target application.
https://captmeelo.com/pentest/2020/02/24/bypass-okhttp-cert-pinning.html
25 February 2020
A
06:46
Android Security & Malware
EU Commission to staff: Switch to Signal messaging app
https://www.politico.eu/pro/eu-commission-to-staff-switch-to-signal-messaging-app/
26 February 2020
A
03:56
Android Security & Malware
Mobile malware evolution in 2019 by Kaspersky

-slightly more ransomware
-slightly less banking Trojans
-more adware
-more stalkerware
https://securelist.com/mobile-malware-evolution-2019/96280/
A
05:34
Android Security & Malware
27 February 2020
A
05:02
Android Security & Malware
KrØØk: Vulnerability affected encryption of billion+ Wi‑Fi devices (iPhone, iPad, Nexus, Samsung Galaxy, RedMi...)

CVE-2019-15126 causes vulnerable devices to use an all-zero encryption key to encrypt part of the user’s communication.
This allows an adversary to decrypt some wireless network packets transmitted by a vulnerable device.
https://www.welivesecurity.com/2020/02/26/krook-serious-vulnerability-affected-encryption-billion-wifi-devices/
05:14
2020 - Year of the RAT

-Cerberus
-Gustuff
-Hydra
-Ginp
-Anubis
https://www.threatfabric.com/blogs/2020_year_of_the_rat.html
A
07:03
Android Security & Malware
LTE Network issue could allow attackers to impersonate 4G mobile users
https://imp4gt-attacks.net/
A
07:58
Android Security & Malware
1 March 2020
A
17:50
Android Security & Malware
How to emulate an Android ARM32 and/or ARM64 native library, and an experimental iOS ARM32 emulation
https://github.com/zhkl0228/unidbg
2 March 2020
A
03:38
Android Security & Malware
A mysterious bug in the firmware of Google's Titan M chip (CVE-2019-9465)
https://alexbakker.me/post/mysterious-google-titan-m-bug-cve-2019-9465.html
A
06:02
Android Security & Malware
06:07
Roaming Mantis, part V
SMiShing and enhanced anti-researcher techniques
https://securelist.com/roaming-mantis-part-v/96250/
06:18
Bug in Walgreens mobile app (pharmacy app) leaked users' personal data
The app has over 10M installs on Google Play
https://www.zdnet.com/article/walgreens-says-mobile-app-leaked-users-personal-data/
A
19:45
Android Security & Malware
3 March 2020
A
03:33
Android Security & Malware
Temp root vulnerability that affects millions of devices with chipsets from MediaTek - CVE-2020-0069

Exploit has been available on XDA-Developers forums since April 2019.
The vulnerability is actively being exploited in the wild.
https://www.xda-developers.com/mediatek-su-rootkit-exploit/
4 March 2020
A
03:24
Android Security & Malware
A
07:21
Android Security & Malware
A
07:38
Android Security & Malware
Android app - CM Browser - records all users' web browsing and send it to server
The app is removed from Google Play store now
https://www.forbes.com/sites/thomasbrewster/2020/03/03/warning-an-android-security-app-with-1-billion-downloads-is-recording-users-web-browsing/#27797cf62149
A
15:39
Android Security & Malware
Project Sandcastle: Android for the iPhone
https://projectsandcastle.org/
A
17:43
Android Security & Malware
5 March 2020
6 March 2020
A
05:51
Android Security & Malware
Android malware mimics click farms - fake review business

This Trojan misuses Accessibility to perform:
- Download Apps from Google Play or APK Pure
- Deactivate Google Play Protect
- Create Fake Accounts with OAuth
- Post fake reviews on Google Play
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/android-leifaccess-a-is-the-silent-fake-reviewer-trojan/
10 March 2020
A
07:12
Android Security & Malware
Iran built a COVID-19 detection app that it urged citizens to install on their devices
https://www.zdnet.com/article/spying-concerns-raised-over-irans-official-covid-19-detection-app/
A
13:25
Android Security & Malware
A
18:31
Android Security & Malware
11 March 2020
A
07:15
Android Security & Malware
12 March 2020
A
03:19
Android Security & Malware
End of Android rooting tool - Magisk

Android SafetyNet will enforce key attestation to verify device status
Info: https://twitter.com/topjohnwu/status/1237656703929180160
Q&A: https://twitter.com/topjohnwu/status/1237830555523149824
A
19:25
Android Security & Malware
Cookiethief: a cookie-stealing Trojan for Android
https://securelist.com/cookiethief/96332/
17 March 2020
A
08:00
Android Security & Malware
Android "coronavirus" malware tracker 📱🦠
https://lukasstefanko.com/2020/03/android-coronavirus-malware.html
A
11:12
Android Security & Malware
Android MonitorMinor stalkerware

When Accessibility services become stalkerware services
https://securelist.com/monitorminor-vicious-stalkerware/95575/
19 March 2020
A
05:28
Android Security & Malware
Commercial surveillance tools exploit COVID-19 to spread (MobiHok, SpyNote, SpyMax)
Source: https://blog.lookout.com/commercial-surveillanceware-operators-latest-to-take-advantage-of-covid-19
A
06:42
Android Security & Malware
20 March 2020
05:58
A
06:42
Android Security & Malware
24 March 2020
A
06:59
Android Security & Malware
Cerberus trojan flies under the COVID-19 flag
https://blog.avira.com/cerberus-flies-under-covid-19-flag/
A
07:25
Android Security & Malware
Over 50 apps found on Play Store contained ad-fraud functionality
https://thehackernews.com/2020/03/android-apps-ad-fraud.html
A
12:48
Android Security & Malware
A
13:08
Android Security & Malware
25 March 2020
A
05:45
Android Security & Malware
Android.Circle adware trojan found on Google Play is capable of executing BeanShell scripts
https://news.drweb.com/show/?i=13740&lng=en
Samples: https://github.com/DoctorWebLtd/malware-iocs/blob/master/Android.Circle/README.adoc
A
13:53
Android Security & Malware
26 March 2020
A
10:11
Android Security & Malware
Zoom iOS App Sends Data to Facebook Even if You Don’t Have a Facebook Account
https://www.vice.com/en_us/article/k7e599/zoom-ios-app-sends-data-to-facebook-even-if-you-dont-have-a-facebook-account
A
10:33
Android Security & Malware
A
16:51
Android Security & Malware
Security vulnerability discovered in Apple’s iOS version 13.4 that prevents VPNs from encrypting all traffic
https://protonvpn.com/blog/apple-ios-vulnerability-disclosure/
30 March 2020
A
11:39
Android Security & Malware
A
11:56
Android Security & Malware
Android 11 system images for QEMU emulator are capable of executing ARM binaries

How? When an app’s process requires an ARM binary, the binary is translated to x86 within that process exclusively
https://android-developers.googleblog.com/2020/03/run-arm-apps-on-android-emulator.html
A
12:53
Android Security & Malware
Runtime Mobile Security - powered by FRIDA, is a powerful web interface that helps you to manipulate Android Java Classes and Methods at Runtime
https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security
31 March 2020
A
09:46
Android Security & Malware
Covid19 Tracker Apps

List of mobile apps created by government or police to track citizens
https://fs0c131y.com/covid19-tracker-apps/
A
10:46
Android Security & Malware
Detailed analysis of how Accessibility services are misused by Android malware

+ to complete, there is missing info that such malware can also read and steal 2FA codes from e.g. Google Authenticator (via @reyammer)
https://labs.f-secure.com/blog/how-are-we-doing-with-androids-overlay-attacks-in-2020
2FA: https://reyammer.io/blog/2020/03/17/no-flag-secure-does-not-protect-you-from-a11y-malware-and-google-couldnt-have-protected-2fa-tokens-that-easily/
1 April 2020
A
05:58
Android Security & Malware
A
08:52
Android Security & Malware
3 April 2020
A
02:51
Android Security & Malware
A
13:00
Android Security & Malware
Gained unauthorized Camera access on iOS and macOS

Technical walkthrough of several zero-day bugs discovered in Safari during a hunt to hack the iOS/macOS camera
https://www.ryanpickren.com/webcam-hacking
5 April 2020
A
08:25
Android Security & Malware
Automatic Uncovering of Hidden Behaviors From Input Validation in Mobile Apps
https://panda.moyix.net/~moyix/papers/inputscope_oakland20.pdf
A
08:40
Android Security & Malware
6 April 2020
A
14:21
Android Security & Malware
T
The Bug Bounty Hunter 06.04.2020 12:25:17
7 April 2020
A
13:49
Android Security & Malware
9 April 2020
A
04:36
Android Security & Malware
Subscription scam apps found on iOS App Store

These apps charge subscription rates around $30 per month after a 3 or 7-day trial period
https://news.sophos.com/en-us/2020/04/08/iphone-fleeceware/
11 April 2020
A
06:43
Android Security & Malware
Apple and Google came up with their own solution to covid19 contact tracing

-without GPS
-only Bluetooth LE
-in May will release APIs
-user consent is necessity
-should be more secure than country's government own app solution
https://blog.google/inside-google/company-announcements/apple-and-google-partner-covid-19-contact-tracing-technology/
A
14:40
Android Security & Malware
Intercept SSL traffic to perform penetration testing on Android apps using Charles Debug Proxy (Android 7-9)
https://medium.com/@Mayank.Grover/intercept-ssl-traffic-to-perform-penetration-testing-on-android-apps-using-charles-debug-proxy-59211859d22f
A
18:21
Android Security & Malware
Vulnerability Analysis of Android SuperVPN app that allows attacker to exchange VPN gateway
https://youtu.be/ofTts7jlC2Y
12 April 2020
A
13:08
Android Security & Malware
OSINT Investigation: Android Cerberus Trojan and the INPS related to COVID19 campaign
https://bushidotoken.blogspot.com/2020/04/osint-investigation-cerberus-and-inps.html
13 April 2020
A
11:39
Android Security & Malware
Virtual machine host for iOS
It allows you to run Windows, Android, and more on your iPhone and iPad
https://getutm.app
14 April 2020
A
04:13
Android Security & Malware
Firefox for Android fixed 2 vulnerabilities:

-overwriting preference could lead to arbitrary code execution CVE-2020-6828
-URI spoofing CVE-2020-6827
https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/
A
09:02
Android Security & Malware
TikTok Vulnerability Enables Hackers to Show Users Fake Videos
https://www.mysk.blog/2020/04/13/tiktok-vulnerability-enables-hackers-to-show-users-fake-videos/
A
13:02
Android Security & Malware
Nice bug chaining found in Xiaomi Mi9 to achieve RCE

Visit attacker website ->...-> download & launch APK

CVE-2020-9530: A redirect vulnerability in a privileged WebView
CVE-2020-9531: XSS in locally stored web pages loaded into a privileged WebView
https://labs.f-secure.com/advisories/xiaomi-mi9/
15 April 2020
A
18:10
Android Security & Malware
XploitSPY: New Android spyware designed by ethical-ish hackers
https://bushidotoken.blogspot.com/2020/04/xploitspy-new-android-spyware-designed.html
16 April 2020
A
05:54
Android Security & Malware
Nation-state Mobile Malware Targets Syrians with COVID-19 Lures
https://blog.lookout.com/nation-state-mobile-malware-targets-syrians-with-covid-19-lures
A
18:01
Android Security & Malware
Android workshop: kernel vulnerability analysis and exploitation (CVE-2019-2215 - Use after Free)
https://cloudfuzz.github.io/android-kernel-exploitation/
https://github.com/cloudfuzz/android-kernel-exploitation
17 April 2020
A
03:21
Android Security & Malware
T
The Bug Bounty Hunter 16.04.2020 19:04:57
18 April 2020
A
13:03
Android Security & Malware
Vulnerability Advisory: CVE-2020-7958 biometric data disclosure vulnerability in OnePlus 7 Pro Android phone
https://www.synopsys.com/blogs/software-security/cve-2020-7958/
19 April 2020
A
16:19
Android Security & Malware
Aptoide data breach

Hacker leaked 20 million records out of 39 million Aptoide user records
https://www.zdnet.com/article/details-of-20-million-aptoide-app-store-users-leaked-on-hacking-forum/
A
17:19
Android Security & Malware
T
The Bug Bounty Hunter 19.04.2020 17:14:56
A
18:19
Android Security & Malware
Hacking Unity Games (part 2) - Manipulating game state with Frida
https://www.hypn.za.net/blog/2020/04/19/hacking-unity-games-part-2-manipulating/
20 April 2020
A
02:51
Android Security & Malware
How Android banking Trojan (GINP) behaves on real infected device
https://youtu.be/WeL_xSryj8E
A
08:11
Android Security & Malware
T
The Bug Bounty Hunter 20.04.2020 04:01:37
A
09:26
Android Security & Malware
21 April 2020
A
08:10
Android Security & Malware
Android BasBanke: Behavior on infected device (distribution, install, phishing overlay)
https://youtu.be/IFAVLypbeF4
22 April 2020
A
05:32
Android Security & Malware
05:42
23 April 2020
A
05:40
Android Security & Malware
iOS RCE vulnerability enables an attacker to remotely infect a device by sending emails (0-click)
https://blog.zecops.com/vulnerabilities/unassisted-ios-attacks-via-mobilemail-maild-in-the-wild/
A
15:36
Android Security & Malware
CVE-2020-0022 an Android 8.0-9.0 Bluetooth Zero-Click RCE – BlueFrag
https://insinuator.net/2020/04/cve-2020-0022-an-android-8-0-9-0-bluetooth-zero-click-rce-bluefrag/
24 April 2020
A
05:26
Android Security & Malware
How Anubis banking Trojan behaves on infected device

-distributed as fake Coronavirus map app
-targeted #Italy
-campaign active from 21.03.2020
-server included APK builder, with 130 already built APKs
-177 infected devices
https://youtu.be/U0UsfO-0uJM
25 April 2020
A
06:02
Android Security & Malware
Bypass OTP using http header https://link.medium.com/LrAMMFK6X5
06:06
New Character Bug in Messages Causing iOS Devices to Crash
https://www.macrumors.com/2020/04/23/ios-character-bug-device-crashes/
27 April 2020
A
10:51
Android Security & Malware
A
17:47
Android Security & Malware
luject - a static injector of dynamic library for application
https://github.com/lanoox/luject
28 April 2020
A
08:53
Android Security & Malware
Android App Reverse Engineering - Part 1
https://youtu.be/BijZmutY0CQ
A
11:55
Android Security & Malware
A
13:15
Android Security & Malware
PhantomLance campaign analysis
https://securelist.com/apt-phantomlance/96772/
A
18:50
Android Security & Malware
How to hook Android Native methods with Frida (Noob Friendly)
https://erev0s.com/blog/how-hook-android-native-methods-frida-noob-friendly/
29 April 2020
A
04:04
Android Security & Malware
04:04
Android IPC: Part 2 - Binder and Service Manager Perspective
https://blog.hacktivesecurity.com/index.php?controller=post&action=view&id_post=48
30 April 2020
A
03:40
Android Security & Malware
A
04:51
Android Security & Malware
1 May 2020
A
09:49
Android Security & Malware
T
The Bug Bounty Hunter 01.05.2020 06:53:15
A
18:24
Android Security & Malware
2 May 2020
A
13:32
Android Security & Malware
T
The Bug Bounty Hunter 02.05.2020 11:42:27
AndroPyTool
A framework for automated extraction of static and dynamic features from Android applications

https://github.com/alexMyG/AndroPyTool#how-to-install
A
13:49
Android Security & Malware
Reverse engineering Flutter apps
Build process of Flutter applications and explain in detail how to reverse engineer the code
https://blog.tst.sh/reverse-engineering-flutter-apps-part-1/
3 May 2020
A
05:09
Android Security & Malware
List of iOS applications related to COVID-19 with capabilities and permissions they request
https://github.com/ivRodriguezCA/Covid19-Mobile-Apps
A
14:13
Android Security & Malware
T
The Bug Bounty Hunter 02.05.2020 20:27:32
4 May 2020
A
05:40
Android Security & Malware
Passionfruit NG: Runtime Application Instruments for iOS
https://github.com/ChiChou/Grapefruit
A
09:04
Android Security & Malware
A
10:28
Android Security & Malware
5 May 2020
A
03:12
Android Security & Malware
A
03:30
Android Security & Malware
A
04:57
Android Security & Malware
PENETRATION TESTING PRACTICE LAB - VULNERABLE APPS / SYSTEMS
https://www.amanhardikar.com/mindmaps/Practice.html
A
07:45
Android Security & Malware
A
08:33
Android Security & Malware
Hacking "Razer Pay" e-wallet Android app

Attacker could:
-delete other user's bank account
-extract other user's private info
-possibly steal money from other user's bank account
-read other user's chat messages
https://blog.sambal0x.com/2020/04/30/Hacking-razer-pay-ewallet-app.html
A
18:30
Android Security & Malware
Frida Cheatsheet and Code Snippets for Android
https://erev0s.com/blog/frida-code-snippets-for-android/
6 May 2020
A
03:58
Android Security & Malware
A
08:53
Android Security & Malware
Curated list of Web Security materials and resources
https://github.com/qazbnm456/awesome-web-security
A
10:32
Android Security & Malware
Google Assistant on Pixel devices was able to capture screenshots even when screens were protected with FLAG_SECURE.
Fixed in September 2019 bulletin
https://pankajupadhyay.in/2020/05/01/ok-google-bypass-flag-secure/
7 May 2020
A
03:56
Android Security & Malware
Aarogya Setu app servers disclose more information than necessary via the backend server API.
By changing location you could identify COVID19 infected and unwell people in 500m radius anywhere in India.
https://medium.com/@fs0c131y/aarogya-setu-the-story-of-a-failure-3a190a18e34
A
14:24
Android Security & Malware
0day iOS XML exploit granted an app full access to the entire file system, and more
https://daringfireball.net/linked/2020/05/02/psychic-paper
A
19:57
Android Security & Malware
0-click RCE via MMS

Exploited on Samsung Galaxy Note 10+ phone running Android 10
Analysis: https://bugs.chromium.org/p/project-zero/issues/detail?id=2002
PoC: https://youtu.be/nke8Z3G4jnc
8 May 2020
A
12:25
Android Security & Malware
iOS Static Analysis

-jailbreak
-install IPA apps
-bypass jailbreak detection
-bypass SSL pinning
-keychain dump
https://medium.com/@AbhishekMisal/ios-application-security-static-analysis-cbe7effc6a34
A
15:12
Android Security & Malware
11 May 2020
A
06:01
Android Security & Malware
How International Users Unwittingly Build up WeChat’s Chinese Censorship Apparatus
https://citizenlab.ca/2020/05/we-chat-they-watch/
A
10:29
Android Security & Malware
Turkey targeted by Cerberus and Anubis Android banking Trojan campaigns
https://bushidotoken.blogspot.com/2020/05/turkey-targeted-by-cerberus-and-anubis.html
12 May 2020
A
04:50
Android Security & Malware
Blackloan: Android banking Trojan targets VISA users in China, Vietnam and Malaysia
https://www.freebuf.com/articles/terminal/233411.html
A
07:03
Android Security & Malware
Analysis of accidentally found RCE + LPE in Pi-hole v4.4 and below. CVE-2020-11108
https://frichetten.com/blog/cve-2020-11108-pihole-rce/
A
08:41
Android Security & Malware
Untold story of Marcus Hutchins arrest and history of creating Kronos banking malware
https://www.wired.com/story/confessions-marcus-hutchins-hacker-who-saved-the-internet/
A
10:57
Android Security & Malware
14 May 2020
A
06:53
Android Security & Malware
T
The Bug Bounty Hunter 14.05.2020 06:52:49
iOS Swift Anti-Jailbreak Bypass with Frida https://syrion.me/blog/ios-swift-antijailbreak-bypass-frida/
A
08:10
Android Security & Malware
A
10:38
Android Security & Malware
T
The Bug Bounty Hunter 14.05.2020 10:33:37
Extract endpoints from APK files https://github.com/ndelphit/apkurlgrep
A
16:58
Android Security & Malware
Tracing iOS Kernel Functions - Building a Kernel Function Trace Tool for Security Research
https://youtu.be/qm_oLQFGRsQ
18 May 2020
A
05:44
Android Security & Malware
FBI and CISA shared list of top 10 routinely exploited vulnerabilities
https://www.us-cert.gov/ncas/alerts/aa20-133a
A
17:27
Android Security & Malware
20 May 2020
A
08:22
Android Security & Malware
Android WolfRAT analysis (new version of DenDroid)
https://blog.talosintelligence.com/2020/05/the-wolf-is-back.html
23 May 2020
A
11:18
Android Security & Malware
Banking Trojan found on Google Play

Using Accessibility it steals all the displayed text from launched apps (banking apps, SMS, WhatsApp messages, Google Authenticator...)
It can also remotely launch apps, perform controlled clicks, input text...
https://www.welivesecurity.com/2020/05/22/insidious-android-malware-gives-up-all-malicious-features-but-one-gain-stealth/
A
14:07
Android Security & Malware
Modding a Unity C++ Android Game
https://www.areizen.fr/post/modding-unity-game/
A
19:11
Android Security & Malware
The first public jailbreak for Apple's iOS operating system that should work at launch on all iOS devices
https://www.vice.com/en_us/article/dyz8nw/iphone-ios-ios13-jailbreak-uncover-unc0ver
25 May 2020
A
17:55
Android Security & Malware
Aggressive in-app advertising in Android
https://securelist.com/in-app-advertising-in-android/97065/
27 May 2020
A
09:30
Android Security & Malware
StrandHogg 2.0 - The 'evil twin' vulnerability (CVE-2020-0096)

Vulnerability allows malware app to pose as legitimate apps
https://promon.co/strandhogg-2-0/
28 May 2020
A
11:03
Android Security & Malware
Fraudsters spread a mobile trojan disguised as a Valorant game
https://news.drweb.com/show/?lng=en&i=13838
1 June 2020
A
09:14
Android Security & Malware
This wallpaper triggers a rare bug causing Android devices to bootloop
https://www.xda-developers.com/wallpaper-triggers-rare-bug-causing-android-devices-bootloop/
2 June 2020
A
05:56
Android Security & Malware
Coldboot vulnerability affecting 7 years of LG Android devices CVE-2020-12753
https://douevenknow.us/post/619763074822520832/an-el1el3-coldboot-vulnerability
3 June 2020
A
07:38
Android Security & Malware
Popular Android malware threats in May, 2020
List: http://skptr.me/malware_timeline_2020.html
Samples: https://github.com/sk3ptre/AndroidMalware_2020
4 June 2020
A
11:34
Android Security & Malware
5 June 2020
A
08:14
Android Security & Malware
8 June 2020
A
05:50
Android Security & Malware
9 June 2020
A
09:45
Android Security & Malware
AdFraud apps found on Google Play: 38 apps with 20M+ downloads
https://www.whiteops.com/blog/beauty-and-the-fraud-beast
10 June 2020
A
09:03
Android Security & Malware
This PIN Can Be Easily Guessed
Study of user-chosen 4- and 6-digit PINs collected on smartphones for device unlocking. Measuring the effects of blacklists, where a set of "easy to guess" PINs is disallowed during selection
https://this-pin-can-be-easily-guessed.github.io/
09:10
Quark: Android Malware Scoring System
https://github.com/quark-engine/quark-engine
A
10:38
Android Security & Malware
11 June 2020
A
04:49
Android Security & Malware
Noia: Simple Android application sandbox file browser tool #Frida
https://github.com/0x742/noia
12 June 2020
A
04:53
Android Security & Malware
A
06:26
Android Security & Malware
Cryptojacking In Mobile Devices

-What Is Cryptojacking
-How Does Mobile Device Cryptojacking Work
-How To Detect Cryptojacking Attacks
-How To Prevent Cryptojacking On Your Mobile Device
https://secureblitz.com/risks-of-cryptojacking-in-mobile-devices
A
06:54
Android Security & Malware
A
07:47
Android Security & Malware
Security & Privacy Risks of Mobile Contact Tracing Apps
https://arxiv.org/pdf/2006.05914.pdf
13 June 2020
A
04:52
Android Security & Malware
15 June 2020
A
07:39
Android Security & Malware
A
08:14
Android Security & Malware
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
https://youtu.be/BQWcUjzxJE0
A
08:31
Android Security & Malware
A
13:30
Android Security & Malware
GrinningSoul: iOS emulator
Built from the ground up for bug bounty hunters, security researchers, and developers.
Coming Q3 2020
https://www.grinningsoul.com/
16 June 2020
A
03:58
Android Security & Malware
How to dump Samsung Galaxy S7 boot ROM using known and fixed security vulnerabilities in Trustzone
https://fredericb.info/2020/06/exynos8890-bootrom-dump-dump-exynos-8890-bootrom-from-samsung-galaxy-s7.html
Source code: https://github.com/frederic/exynos8890-bootrom-dump
17 June 2020
A
06:51
Android Security & Malware
FBI announcement: Increased Use of Mobile Banking Apps Could Lead to Exploitation
https://www.ic3.gov/media/2020/200610.aspx
A
08:37
Android Security & Malware
A
08:37
Android Security & Malware
T
The Bug Bounty Hunter 16.06.2020 19:44:13
A
16:28
Android Security & Malware
Trump 2020 Campaign Exposed to Attack via App
https://www.websiteplanet.com/blog/trump-app-vulnerability-report/
18 June 2020
A
03:55
Android Security & Malware
Bugbounty Cheatsheet for the infosec community
It covers Recon workflow, Webapp bugs, Mobile app bugs, API bugs, checklist, tools used, etc. Via Adam Swartz
https://docs.google.com/spreadsheets/d/1TxNrvaIMRS_dmupcwjwJmXtaFk_lPGE1LzgxPu_7KqA/edit?fbclid=IwAR3dktvcemzjYc7OvA-vu6MQMiI9_EpIS4Ei3C7TGKFgMWUG3eWPx2sUr3E#gid=1308919623
A
17:23
Android Security & Malware
17:33
Reverse Engineering Snapchat (Part I): Obfuscation Techniques
https://hot3eed.github.io/snap_part1_obfuscations.html
19 June 2020
06:31
Kuwait and Bahrain have published some of the most invasive Covid-19 contact-tracing apps in the world, putting the privacy and security of their users at risk, Amnesty International says
https://www.bbc.com/news/world-middle-east-53052395
A
07:02
Android Security & Malware
Analysis of Cerberus banking Trojan distributed over phishing websites (Amazon and NetBank)
https://labs.k7computing.com/?p=20468
A
09:54
Android Security & Malware
Analysis of Android Medical Malware, by Cryptax
https://youtu.be/n4YPM53igdw
A
11:11
Android Security & Malware
20 June 2020
A
06:36
Android Security & Malware
FridaLoader: Auto-downloads the Frida server based off the architecture of the device/emulator
https://github.com/dineshshetty/FridaLoader
21 June 2020
A
07:10
Android Security & Malware
COVIDSafe-CVE-2020-12856: A silent pairing issue in bluetooth-based contact tracing apps
https://github.com/alwentiu/COVIDSafe-CVE-2020-12856
22 June 2020
A
05:53
Android Security & Malware
T
The Bug Bounty Hunter 22.06.2020 04:06:33
Reverse Engineering Snapchat (Part II): Deobfuscating the Undeobfuscatable

https://hot3eed.github.io/2020/06/22/snap_p2_deobfuscation.html
A
08:38
Android Security & Malware
Collection of writeups, cheatsheets, videos, related to Android Pentesting
https://github.com/jdonsec/AllThingsAndroid
A
10:44
Android Security & Malware
A
15:19
Android Security & Malware
Let's Reverse Engineer an Android App!
Beginners guide
https://yasoob.me/posts/reverse-engineering-android-apps-apktool/
A
17:42
Android Security & Malware
23 June 2020
A
11:20
Android Security & Malware
A
18:48
Android Security & Malware
T
The Bug Bounty Hunter 23.06.2020 14:35:41
24 June 2020
A
06:25
Android Security & Malware
New Android ransomware family identified + decryption tool created (because of the security issue in the code) #CryCryptor
https://www.welivesecurity.com/2020/06/24/new-ransomware-uses-covid19-tracing-guise-target-canada-eset-decryptor/
06:35
France’s COVID-19 tracing app has been downloaded and activated 1.8M times on Android and iOS since launch on 2 June... but then uninstalled 460,000 times.
Src: https://twitter.com/gcluley/status/1275720504092102656
25 June 2020
A
08:45
Android Security & Malware
A
18:00
Android Security & Malware
iOS/MacOS wifi proximity kernel double free in AWDL BSS Steering
https://bugs.chromium.org/p/project-zero/issues/detail?id=2012
28 June 2020
A
13:12
Android Security & Malware
29 June 2020
A
08:20
Android Security & Malware
Android malware detection based on image-based features and machine learning techniques
https://link.springer.com/article/10.1007/s42452-020-3132-2
A
18:54
Android Security & Malware
T
The Bug Bounty Hunter 29.06.2020 18:45:44
Android App Source code Extraction and Bypassing Root and SSL Pinning checks

https://vj0shii.github.io/android-app-testing-initial-steps/
30 June 2020
A
06:43
Android Security & Malware
SafetyNet’s dreaded hardware attestation is rolling out, making it much harder for Magisk to hide root
https://www.xda-developers.com/safetynet-hardware-attestation-hide-root-magisk/
A
13:36
Android Security & Malware
Android 11

Privacy updates:
•Auto-reset permissions from unused apps!
•Package visibility: can't list installed apps!
•New, clearer permission to obtain user phone number!
•One-time permissions (temp granted permissions)
•Background location access
•Scoped Storage
https://developer.android.com/preview/privacy
A
13:56
Android Security & Malware
Intercept & view all Android HTTP(S)
Mock endpoints or entire servers
Rewrite, redirect, or inject errors
https://httptoolkit.tech/android
A
16:46
Android Security & Malware
Clipboard Toast
An Xposed module that notifies you whenever an app reads your clipboard
https://github.com/ubuntuegor/ClipboardToast
1 July 2020
A
04:36
Android Security & Malware
A
07:37
Android Security & Malware
2 July 2020
A
05:45
Android Security & Malware
Multiyear Surveillance Campaigns Discovered Targeting Uyghurs | mAPT | SilkBean| DoubleAgent CarbonSteal | GoldenEagle
https://www.lookout.com/documents/threat-reports/us/lookout-uyghur-malware-tr-us.pdf
3 July 2020
A
04:14
Android Security & Malware
Popular Android malware threats - Jun, 2020
Full list: http://skptr.me/malware_timeline_2020.html
Download samples: https://github.com/sk3ptre/AndroidMalware_2020
A
07:45
Android Security & Malware
LinkedIn iOS app is copying the clipboard contents on every keystroke. iOS 14 allows users to see each paste notification
https://www.zdnet.com/article/linkedin-says-ios-clipboard-snooping-after-every-key-press-is-a-bug-will-fix/
A
10:22
Android Security & Malware
Android Keylogger Injector demo
Be aware of such techniques when downloading any app, because a free tutorial on how to create a keylogger injector is available on underground forums
https://youtu.be/jpmUUuNUIfo
A
11:27
Android Security & Malware
T
The Bug Bounty Hunter 03.07.2020 11:24:44
Insecure iOS Storage - DVIAv2 Part 1

https://philkeeble.com/ios/Insecure-iOS-Storage/
4 July 2020
A
06:32
Android Security & Malware
MobOk Malware found on Google Play

Functionality:
-Switching from Wi-Fi to Data Connection
-Subscribing to premium mobile services
-Solving Image-based CAPTCHA using an external image recognition service
-Stealing SMS used for 2FA
-Using the accessibility services to carry on malicious activities on the screen
https://blog.zimperium.com/zimperium-discovers-mobok-malware-left-undetected-by-mobile-av-industry-for-months/
A
15:52
Android Security & Malware
Police cracked encryption in EncroChat to read messages between drug criminals, hitmen and murder orders
https://www.nytimes.com/2020/07/02/world/europe/encrypted-network-arrests-europe.html
5 July 2020
A
08:07
Android Security & Malware
How to use #Frida and #BurpSuite to quickly identify mobile app functionality
https://youtu.be/07K5DZXMvB4
A
08:41
Android Security & Malware
6 July 2020
A
04:10
Android Security & Malware
DroneSploit - A pentesting console framework dedicated to drones
https://hakin9.org/dronesploit-a-pentesting-console-framework-dedicated-to-drones/
A
07:56
Android Security & Malware
Analysis of EventBot: Android banking Trojan
A patched EventBot payload is available here that displays debug logs while being executed on the device, to help understand its malicious functionality
https://youtu.be/qqwOrLR2rgU
A
09:11
Android Security & Malware
[Virtual] Android Security Symposium 2020 starts now

Program: https://android.ins.jku.at/symposium/program/
Live stream: https://youtu.be/zxkbyyl-9b8
A
19:25
Android Security & Malware
7 July 2020
A
06:24
Android Security & Malware
Cerberus Analysis
Untold story of Cerberus discovery and communication with the malware operators.
The talk includes malicious functionality analysis and distribution with over 9,000+ website clicks in 24 hours
https://youtu.be/79fQmmK5RT4
A
18:01
Android Security & Malware
8 July 2020
A
04:29
Android Security & Malware
A
05:47
Android Security & Malware
Review of the Bahrain mobile application on both iOS and Android with a focus on the process transparency, security, privacy, tracing capabilities, and accessibility
https://blog.ostorlab.co/covid19-how-to-carry-nation-scale-mobile-devices-compromise.html
9 July 2020
A
07:25
Android Security & Malware
A
08:22
Android Security & Malware
Bug chaining in Android MX Player to achieve code execution

1) receive shared data file from other device
2) data file will exploit path traversal vulnerability
3) RCE of received data file

PoC: https://github.com/tenable/poc/tree/master/MXPlayer
https://medium.com/tenable-techblog/android-mx-player-path-traversal-to-code-execution-9134b623eb34
A
11:23
Android Security & Malware
A
13:51
Android Security & Malware
Global Grant URI in Android 8.0-9.0 [DUP]
Any third-party application was able to grant R/W access to any exported or non-exported, permission-protected content providers installed in the system
https://www.vulnano.com/2020/07/global-grant-uri-in-android-80-90-2018.html
A
14:18
Android Security & Malware
Critical Security Vulnerabilities fixed in Firefox for Android 68.10.1
A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies for other origins.
https://www.mozilla.org/en-US/security/advisories/mfsa2020-27/
A
18:15
Android Security & Malware
Reversing DexGuard, Part 3 – Code Virtualization
https://www.pnfsoftware.com/blog/reversing-dexguard-virtualization/
18:22
Reverse Engineering Nike Run Club Android App Using Frida
https://yasoob.me/posts/reverse-engineering-nike-run-club-using-frida-android/
10 July 2020
A
08:47
Android Security & Malware
Russian Android Stalkerware
-after launch it gathers device logs
-downloads additional app via HTTP
-logs credentials....
Here is a demo of this #Stalkware being installed and hooked by Frida
https://youtu.be/IcVRwyJpmMw
11 July 2020
A
13:09
Android Security & Malware
How To Intercept Android Application HTTPS traffic in Android 10 (Q) with Burp Suite and Magisk
https://www.theburpsuite.com/2020/05/intercepting-android-application-https.html
A
13:35
Android Security & Malware
AMDH - Android Mobile Device Hardening tool
This forensics tool helps you list installed apps on device and dump them all
Tool: https://github.com/SecTheTech/AMDH
Test of the tool: https://www.instagram.com/p/CCgipObAGBQ/
A
20:09
Android Security & Malware
Slicer - A tool to automate the recon process on an APK file
https://github.com/mzfr/slicer
13 July 2020
A
05:34
Android Security & Malware
How to hack and prevent getting hacked by Android on the same WiFi
Video explains three types of attack:
1) Spy on another user's web browsing
2) Redirect visited websites to the attacker's website
3) Steal Facebook login credentials
https://youtu.be/MHxbv6oA3CA
14 July 2020
A
08:21
Android Security & Malware
Android cyber-espionage campaign discovered in the Middle East as Welcome Chat app

This operation appears to be linked to the Gaza Hacker threat group.
The uncovered malicious operation both spies on victims and leaks their data (MITM, open server database without authorization)
https://www.welivesecurity.com/2020/07/14/welcome-chat-secure-messaging-app-nothing-further-truth/
15 July 2020
A
05:55
Android Security & Malware
Code analysis of CryCryptor Android ransomware and its discovered vulnerability.
By exploiting this vulnerability, a decryption tool was successfully created - CryDecryptor
https://youtu.be/deyBbSKKGk8
A
07:44
Android Security & Malware
Android: arbitrary code execution via third-party package context
https://blog.oversecured.com/Android-arbitrary-code-execution-via-third-party-package-contexts/
16 July 2020
A
04:29
Android Security & Malware
A
20:01
Android Security & Malware
Android Hacking with NMAP
-Exploit open ports and vulnerabilities in Android apps
-Search for unpatched ES File Explorer app and exploit it (CVE-2019-6447)
https://youtu.be/HXTl_V8UwYs
17 July 2020
A
04:53
Android Security & Malware
0-click RCE via MMS exploit for Samsung's Android OS versions O(8.x), P(9.0) and Q(10.0) #Fuzzing CVE-2020-8899
https://googleprojectzero.blogspot.com/2020/07/mms-exploit-part-1-introduction-to-qmage.html
Demo: https://youtu.be/ZQnb8kRMkHg
18 July 2020
A
04:58
Android Security & Malware
Demo of bug in Firefox for Android that allows camera and microphone to stream if device is locked
▪️ it will be fixed in October 2020
▪️ it might be misused as Stalkerware
▪️ tips on how to prevent being spied on until October 2020
https://youtu.be/FlthUOKdoKw
A
08:55
Android Security & Malware
AMDH v2.0 - Android Mobile Device Hardening tool
Now includes malware detection based on permissions (analysis of more than 500 malware) with some new updates!
https://github.com/SecTheTech/AMDH
19 July 2020
A
17:04
Android Security & Malware
iOS on QEMU
The goal of this project is to boot a fully functional iOS system on QEMU
https://github.com/alephsecurity/xnu-qemu-arm64
20 July 2020
A
16:50
Android Security & Malware
Writing an iOS Kernel Exploit from Scratch
https://secfault-security.com/blog/chain3.html
22 July 2020
A
02:37
Android Security & Malware
How to identify if someone spies on your WhatsApp messages
https://youtu.be/qjoApedppbw
A
16:43
Android Security & Malware
23 July 2020
A
16:40
Android Security & Malware
27 July 2020
A
04:04
Android Security & Malware
DJI GO 4 Android application security analysis (app to control drones)
https://www.synacktiv.com/en/publications/dji-android-go-4-application-security-analysis.html
A
11:04
Android Security & Malware
28 July 2020
A
15:12
Android Security & Malware
AndroidProjectCreator: v1.4-stable has been released
You can now install precompiled versions of all dependencies, shortening the installation to mere seconds! The full patch notes are given here:
https://maxkersten.nl/2020/07/28/androidprojectcreator-1-4-stable-release/
29 July 2020
A
03:12
Android Security & Malware
Medusa - new framework for dynamic analysis of Android apps
It offers different categories and modules to activate during the dynamic analysis. It generates Frida scripts based on the picked modules
https://github.com/Ch0pin/medusa
A
05:07
Android Security & Malware
Review of Medusa Framework
Tool for dynamic analysis of Android apps
In the review, the database module is hooked in the Instagram app #BugBounty #Pentest #MalwareAnalysis
https://www.facebook.com/AndroidInfoSec/posts/3285627958127349
A
05:59
Android Security & Malware
MMS Exploit Part 3: Constructing the Memory Corruption Primitives
https://googleprojectzero.blogspot.com/2020/07/mms-exploit-part-3-constructing-primitives.html
30 July 2020
A
04:06
Android Security & Malware
Android Worm Malware spreads via SMS in India as TikTok Pro [malware demo]
https://youtu.be/mzkDxBjshI4
A
04:42
Android Security & Malware
Google has removed 29 apps from the Play Store which were found filled with adware. These Android apps had over 3.5 million downloads on the Play Store.
https://www.whiteops.com/blog/bringing-blur-apps-into-focus
A
05:56
Android Security & Malware
Setting Up An Android VM For Analyzing Mobile Applications
https://github.com/1d8/Android-Analysis
2 August 2020
A
07:22
Android Security & Malware
AppSec: How to NOT create a job Android app [analysis]
https://medium.com/@fs0c131y/appsec-how-to-not-create-a-job-app-5b2776d16464
3 August 2020
A
16:00
Android Security & Malware
4 August 2020
A
17:17
Android Security & Malware
5 August 2020
A
18:31
Android Security & Malware
6 August 2020
A
06:07
Android Security & Malware
Reversing the Root
Identifying the Exploited Vulnerability in 0-days Used In-The-Wild
https://github.com/maddiestone/ConPresentations/blob/master/BH2020.ReversingTheRoot.pdf
7 August 2020
A
08:31
Android Security & Malware
A
08:53
Android Security & Malware
09:01
8 August 2020
A
09:13
Android Security & Malware
Qualcomm chip vulnerability
400 vulnerable code sections were uncovered on Qualcomm’s Snapdragon digital signal processor (DSP) chip
https://media.defcon.org/DEF%20CON%2028/DEF%20CON%20Safe%20Mode%20presentations/DEF%20CON%20Safe%20Mode%20-%20Slava%20Makkaveev%20-%20Pwn2Own%20Qualcomm%20compute%20DSP%20for%20fun%20and%20profit.pdf
10 August 2020
A
07:36
Android Security & Malware
Android Bug Foraging
Analysis of vulnerabilities found in:
-Tinder
-Google Camera
-Samsung Find My Mobile
-undisclosed app name
https://youtu.be/qbj-4NXsE-0
11 August 2020
A
12:23
Android Security & Malware
T
The Bug Bounty Hunter 11.08.2020 11:48:47
Hacking iOS Simulator with simctl and dynamic libraries

https://curvedlayer.com/2020/08/09/ios-simulator-plugin-simctl.html
12 August 2020
A
19:16
Android Security & Malware
19:19
ReVoLTE attack can decrypt 4G (LTE) calls to eavesdrop on conversations
https://www.zdnet.com/article/re-vol-te-attack-can-decrypt-4g-lte-calls-to-eavesdrop-on-conversations/
15 August 2020
A
07:15
Android Security & Malware
A
15:55
Android Security & Malware
T
The Bug Bounty Hunter 15.08.2020 15:33:57
Android Pentesting Lab
Step by Step guide for beginners!

https://medium.com/@imparable/android-pentesting-lab-4a6fe1a1d2e0
16 August 2020
A
04:40
Android Security & Malware
Qualcomm QCACLD WiFi monitor mode for Android
https://github.com/kimocoder/qualcomm_android_monitor_mode
17 August 2020
A
05:19
Android Security & Malware
21 August 2020
A
06:58
Android Security & Malware
Google Firebase messaging vulnerability allowed attackers to send push notifications to app users
https://abss.me/posts/fcm-takeover/
22 August 2020
A
15:34
Android Security & Malware
Write-up for Samsung SCTF’s Android Reverse Engineering Challenge https://link.medium.com/sZIupscha9
24 August 2020
A
09:44
Android Security & Malware
A
15:34
Android Security & Malware
Mintegral SDK - The malicious code uncovered in iOS versions of the SDK from the Chinese mobile ad platform
https://snyk.io/blog/sourmint-malicious-code-ad-fraud-and-data-leak-in-ios/
A
18:04
Android Security & Malware
Part 2: Step-by-step iPhone Setup for iOS Research
https://www.mac4n6.com/blog/category/analysis
25 August 2020
A
13:26
Android Security & Malware
Stealing local files using Safari Web Share API (NOT FIXED!)
https://blog.redteam.pl/2020/08/stealing-local-files-using-safari-web.html
28 August 2020
A
07:53
Android Security & Malware
Bypass PIN codes for Visa contactless payments
A successful attack requires four components: (1+2) two Android smartphones, (3) a special Android app developed by the research team, and (4) a Visa contactless card.
The entire idea behind the attack is that the POS emulator asks the card to make a payment, modifies transaction details, and then sends the modified data via WiFi to the second smartphone that makes a large payment without needing to provide a PIN (as the attacker has modified the transaction data to say that the PIN is not needed).
Info: https://www.zdnet.com/article/academics-bypass-pins-for-visa-contactless-payments/
Research: https://arxiv.org/pdf/2006.08249.pdf
Video demo: https://youtu.be/JyUsMLxCCt8
29 August 2020
A
10:17
Android Security & Malware
30 August 2020
A
06:30
Android Security & Malware
Persistent arbitrary code execution in Android's Google Play Core Library: details, explanation and the PoC - CVE-2020-8913
https://blog.oversecured.com/Oversecured-automatically-discovers-persistent-code-execution-in-the-Google-Play-Core-Library/
A
10:47
Android Security & Malware
A
12:34
Android Security & Malware
T
The Bug Bounty Hunter 30.08.2020 12:25:12
iblessing is an iOS security exploiting toolkit

https://github.com/Soulghost/iblessing
2 September 2020
A
04:08
Android Security & Malware
ThiefBot: A New Android Banking Trojan Targeting Turkish Banking Users
https://business.xunison.com/thiefbot-a-new-android-banking-trojan-targeting-turkish-banking-users/
3 September 2020
A
05:02
Android Security & Malware
Google removes Android app that was used to spy on Belarusian protesters
https://www.zdnet.com/article/google-removes-android-app-that-was-used-to-spy-on-belarusian-protesters/
A
10:23
Android Security & Malware
Mobile threat statistics for Q2 2020 by Kaspersky
https://securelist.com/it-threat-evolution-q2-2020-mobile-statistics/98337/
A
15:35
Android Security & Malware
India yesterday banned 118 Chinese apps
List of apps in the link
https://drive.google.com/file/d/1NRcC49uKIvwA4-sDmubC5aC2LmHggKoG/view
15:37
Android Permission (Notification Permission) Can Be Lethal [Android Malware Series]
https://youtu.be/PzhDEV7rpP0
A
16:52
Android Security & Malware
6 September 2020
A
08:03
Android Security & Malware
WhatsApp discloses six previously undisclosed flaws
https://www.whatsapp.com/security/advisories/2020/
7 September 2020
8 September 2020
A
03:30
Android Security & Malware
T
The Bug Bounty Hunter 08.09.2020 03:12:21
From Android Static Analysis to RCE on Prod

https://blog.dixitaditya.com/from-android-app-to-rce/
9 September 2020
A
06:36
Android Security & Malware
11 September 2020
A
09:38
Android Security & Malware
12 September 2020
A
04:48
Android Security & Malware
Three persistent and one theft of arbitrary files vulnerabilities have been discovered in the TikTok Android app
https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
17 September 2020
A
00:58
Android Security & Malware
18 September 2020
A
05:01
Android Security & Malware
Vulnerability that allows persistently launching an Intent on every device on the same LAN that had a vulnerable version of Firefox for Android (68.11.0 and below)
Report: https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/red-team-tech-notes/-/tree/master/firefox-android-2020
PoC code: https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/red-team-tech-notes/-/blob/master/firefox-android-2020/ffssdp.py
A
08:12
Android Security & Malware
Rampant Kitten – An Iranian Espionage Campaign (including Android component)
https://research.checkpoint.com/2020/rampant-kitten-an-iranian-espionage-campaign/
20 September 2020
A
18:24
Android Security & Malware
21 September 2020
A
06:33
Android Security & Malware
r2-pay: anti-debug, anti-root & anti-frida (part 1)
https://www.romainthomas.fr/post/20-09-r2con-obfuscated-whitebox-part1/
06:45
A
07:10
Android Security & Malware
Exploitation of LAN vulnerability found in Firefox for Android [demo]
I tested this PoC exploit on 3 devices on the same WiFi network; it worked pretty well.
I was able to open a custom URL on every smartphone using vulnerable Firefox (68.11.0 and below).
https://twitter.com/LukasStefanko/status/1307013106615418883
22 September 2020
A
07:02
Android Security & Malware
iOS and Android scam apps spreading via TikTok
https://blog.avast.com/scam-apps-spreading-via-tiktok-avast
A
18:24
Android Security & Malware
Vulnerabilities in ATM Milano's mobile app
https://blog.jacopojannone.com/en/post/atm-app-vulnerability/
24 September 2020
A
05:12
Android Security & Malware