The Brief Glory of Cabassous/FluBot — a private Android banking botnet
https://medium.com/csis-techblog/the-brief-glory-of-cabassous-flubot-a-private-android-banking-botnet-bc2ed7917027
A new botnet has surfaced in late 2020, take a look at the details about this criminal operation targeting banking users in Spain and…
Samsung Investigation Part 2: Exploiting Trusted Applications (TAs)
https://www.riscure.com/blog/samsung-investigation-part2
Still using SMS as 2FA?
For $16 a hacker can reroute all received SMS messages to himself and break into online accounts. This isn't SIM jacking or SS7.
An attacker just pays a company and gets control of text routing in minutes
https://www.vice.com/en/article/y3g8wb/hacker-got-my-texts-16-dollars-sakari-netnumber
A Hacker Got All My Texts for $16
A gaping flaw in SMS lets hackers take over phone numbers in minutes by simply paying a company to reroute text messages.
Android reverse engineering for beginners - Dexcalibur
https://braincoke.fr/blog/2021/03/android-reverse-engineering-for-beginners-dexcalibur/
TikTok for Android 1-Click RCE
XSS -> Launch arbitrary intent to download ZIP file -> exploit file traversal -> overwrite native library -> RCE
https://medium.com/@dPhoeniixx/tiktok-for-android-1-click-rce-240266e78105
Chaining multiple bugs on TikTok for Android to achieve remote code execution in the application’s context.
Android TapJacking Attacks, a thorough guide
https://valsamaras.medium.com/tapjacking-attacks-a-thorough-guide-2cd6486d0fc9
PART 1
Forwarded from The Bug Bounty Hunter
IOS Pentesting Guide From A N00bs Perspective
https://payatu.com/blog/abhilashnigam/ios-pentesing-guide-from-a-n00bs-perspective.1
Use Android as Rubber Ducky against another Android device (now with script & tutorial)
Demo: https://www.instagram.com/p/CMwxrItDuiG/
Github: https://github.com/androidmalware/android_hid
Discovered 204 fleeceware apps with over a billion downloads and over $400 million in revenue on the Apple App Store and Google Play Store
Fleeceware scams promise free subscription trials but deliver costly charges to victims
https://blog.avast.com/fleeceware-apps-on-mobile-app-stores-avast
How fleeceware apps have earned over $400 million on Android and iOS
Avast researchers have discovered fleeceware apps with over a billion downloads and over $400 million in revenue on the Apple App Store and Google Play Store. Learn about the mechanics of these scams as well as how to prevent falling victim to them.
Android Kernel Privilege Escalation (CVE-2020-11239)
Blog: https://securitylab.github.com/research/one_day_short_of_a_fullchain_android/
Exploit: https://github.com/github/securitylab/tree/main/SecurityExploits/Android/Qualcomm/CVE-2020-11239
Proxying Newer Versions of Android with Genymotion
http://console-cowboys.blogspot.com/2021/03/proxying-newer-versions-of-android-with.html
I did a quick video last night for someone on proxying the newer version of Android SDK with Genymotion as the changes back in version 7 ma...
Forwarded from The Bug Bounty Hunter
Capture all android network traffic https://www.exandroid.dev/2021/03/21/capture-all-android-network-traffic/
So you are performing a pentest on an android app and you have got into a situation where basic certificate pinning bypass doesn’t work. Or you have been dealing with custom protocol instead of good ol’ HTTP. The goal of this post is to teach you how to capture…
WhatsApp scam messages - what happens when you click on them
https://youtu.be/Dc7Y1fiZGuA
What happens when you click on that WhatsApp scam message | Huawei Mate 40 Pro giveaway | Amazon
Beware of a recent WhatsApp scam message that, instead of winning a Huawei Mate 40 Pro 5G, might get the user into trouble.
In the video I will show you:
1) What happens when you click on that link
2) I will go through the whole scam and redirection process
3) How…
Advanced Android Malware Posing as “System Update”
https://blog.zimperium.com/new-advanced-android-malware-posing-as-system-update/
Another week, and another major mobile security risk. A few weeks ago, Zimperium zLabs researchers disclosed unsecured cloud configurations exposing
TapJacking Attacks - thorough guide PART 2
https://valsamaras.medium.com/tapjacking-attacks-a-thorough-guide-part-2-3b0390602a81
Android Flubot: quick analysis of new campaign with version 3.7
https://cryptax.medium.com/android-flubot-preparing-for-a-new-campaign-2f7563fc6c06
Android/Flubot: preparing for a new campaign?
Since Friday (March 26, 2021), Android/Flubot is propagating a new version, v3.7. For reminder, Android/Flubot is an Android banking…
Google collects 20 times more telemetry from Android devices than Apple from iOS
https://therecord.media/google-collects-20-times-more-telemetry-from-android-devices-than-apple-from-ios/
Academic research published last week looked at the telemetry traffic sent by modern iOS and Android devices back to Apple and Google servers and found that Google collects around 20 times more telemetry data from Android devices than Apple from iOS.
Universal method to remove Android malware that prevents the user from uninstalling it, such as FluBot
https://youtu.be/dIIDh1AqUKQ
Received Instagram badge verification messages?
1) What happens when you click on the link
2) What it requests from user
3) What happens with user data
4) Finding XSS in their page :)
5) Network analysis in Burp Suite to identify the server and how data are exchanged
6) Prevention tips
https://odysee.com/@androidmalware:2/instagram_scams:9
Have you received a badge verification message on Instagram?
What happens when you open that DM you received about badge verification and what is their goal?
How to use basic ADB commands to control Android apps
https://odysee.com/@androidmalware:2/adbCommands:9
Quick introduction of basic ADB commands that are helpful with quick Android app analysis and control such as listing installed apps, identifying running app's package name and activity, get its PID t...