Proxying Newer Versions of Android with Genymotion
http://console-cowboys.blogspot.com/2021/03/proxying-newer-versions-of-android-with.html
http://console-cowboys.blogspot.com/2021/03/proxying-newer-versions-of-android-with.html
Blogspot
Proxying Newer Versions of Android with Genymotion
I did a quick video last night for someone on proxying the newer version of Android SDK with Genymotion as the changes back in version 7 ma...
Forwarded from The Bug Bounty Hunter
Capture all android network traffic https://www.exandroid.dev/2021/03/21/capture-all-android-network-traffic/
Ex Android Dev
Capture all android network traffic
So you are performing a pentest on an android app and you have got into a situation where basic certificate pinning bypass doesn’t work. Or you have been dealing with custom protocol instead of good ol’ HTTP. The goal of this post is to teach you how to capture…
WhatsApp scam messages - what happens when you click on them
https://youtu.be/Dc7Y1fiZGuA
https://youtu.be/Dc7Y1fiZGuA
YouTube
What happens when you click on that WhatsApp scam message | Huawei Mate 40 Pro giveaway | Amazon
Beware of recent WhatsApp scam message that instead of winning Huawei Mate 40 Pro 5G, might get user into troubles.
In the video I will show you:
1) What happens when you click on that link
2) I will go through whole scam and redirections process
3) How…
In the video I will show you:
1) What happens when you click on that link
2) I will go through whole scam and redirections process
3) How…
👏1
Advanced Android Malware Posing as “System Update”
https://blog.zimperium.com/new-advanced-android-malware-posing-as-system-update/
https://blog.zimperium.com/new-advanced-android-malware-posing-as-system-update/
Zimperium
New Advanced Android Malware Posing as “System Update" - Zimperium
Another week, and another major mobile security risk. A few weeks ago, Zimperium zLabs researchers disclosed unsecured cloud configurations exposing
TapJacking Attacks - thorough guide PART 2
https://valsamaras.medium.com/tapjacking-attacks-a-thorough-guide-part-2-3b0390602a81
https://valsamaras.medium.com/tapjacking-attacks-a-thorough-guide-part-2-3b0390602a81
Medium
TapJacking Attacks, a thorough guide PART 2
Recap
Android Flubot: quick analysis of new campaign with version 3.7
https://cryptax.medium.com/android-flubot-preparing-for-a-new-campaign-2f7563fc6c06
https://cryptax.medium.com/android-flubot-preparing-for-a-new-campaign-2f7563fc6c06
Medium
Android/Flubot: preparing for a new campaign?
Since Friday (March 26, 2021), Android/Flubot is propagating a new version, v3.7. For reminder, Android/Flubot is an Android banking…
Google collects 20 times more telemetry from Android devices than Apple from iOS
https://therecord.media/google-collects-20-times-more-telemetry-from-android-devices-than-apple-from-ios/
https://therecord.media/google-collects-20-times-more-telemetry-from-android-devices-than-apple-from-ios/
The Record
Google collects 20 times more telemetry from Android devices than Apple from iOS
Academic research published last week looked at the telemetry traffic sent by modern iOS and Android devices back to Apple and Google servers and found that Google collects around 20 times more telemetry data from Android devices than Apple from iOS.
Universal method how to remove Android malware that prevents user from being uninstalled such as FluBot
https://youtu.be/dIIDh1AqUKQ
https://youtu.be/dIIDh1AqUKQ
Received Instagram badge verification messages?
1) What happens when you click on the link
2) What it requests from user
3) What happens with user data
4) Finding XSS in their page :)
5) Network analysis in Burp Suite to identify server and how are data exchanged
6) Prevention tips
https://odysee.com/@androidmalware:2/instagram_scams:9
1) What happens when you click on the link
2) What it requests from user
3) What happens with user data
4) Finding XSS in their page :)
5) Network analysis in Burp Suite to identify server and how are data exchanged
6) Prevention tips
https://odysee.com/@androidmalware:2/instagram_scams:9
Odysee
Have you received badge verificaiton message on Instagram?
What happens when you open that DM you received about badge verification and what is their goal?
👍1👏1
How to use basic ADB commands to control Android apps
https://odysee.com/@androidmalware:2/adbCommands:9
https://odysee.com/@androidmalware:2/adbCommands:9
Odysee
How to use basic ADB commands to control Android apps
Quick introduction of basic ADB commands that are helpful with quick Android app analysis and control such as listing installed apps, identifying running app's package name and activity, get its PID t...
Pre-installed auto installer threat found on Android mobile devices in Germany
https://blog.malwarebytes.com/android/2021/04/pre-installed-auto-installer-threat-found-on-android-mobile-devices-in-germany/
https://blog.malwarebytes.com/android/2021/04/pre-installed-auto-installer-threat-found-on-android-mobile-devices-in-germany/
Malwarebytes Labs
Pre-installed auto installer threat found on Android mobile devices in Germany
Gigaset mobile devices contain an Update app which is a pre-installed system app infected with Android/PUP.Riskware.Autoins.Redstone.
Malware found on the Huawei's AppGallery app store for the first time (10 apps were installed by 538,000 users)
https://news.drweb.com/show/?i=14182
https://news.drweb.com/show/?i=14182
Dr.Web
Malware found on the AppGallery app store for the first time
Doctor Web’s virus analysts have uncovered the first malware on AppGallery―the official app store from the Huawei Android device manufacturer. They turned out to be dangerous Android.Joker trojans that function primarily to subscribe users to premium mobile…
❤1
Unprotected Exported Intents Expose Sensitive Information in LAVA app (CVE-2020-27069)
https://bugs.chromium.org/p/apvi/issues/detail?id=42&q=&can=1
https://bugs.chromium.org/p/apvi/issues/detail?id=42&q=&can=1
Wormable Android Malware Spreads by Creating Auto-Replies to Messages in WhatsApp
Demo: https://www.instagram.com/p/CNXpGCZAv36/
Research: https://research.checkpoint.com/2021/new-wormable-android-malware-spreads-by-creating-auto-replies-to-messages-in-whatsapp/
Demo: https://www.instagram.com/p/CNXpGCZAv36/
Research: https://research.checkpoint.com/2021/new-wormable-android-malware-spreads-by-creating-auto-replies-to-messages-in-whatsapp/
Triada Trojan detected in APKPure client app
https://news.drweb.com/show/?i=14188&lng=en
https://news.drweb.com/show/?i=14188&lng=en
Dr.Web
Trojan detected in APKPure Android app store client software
Doctor Web specialists have discovered a malicious functionality in APKPure—the official client application of the popular third-party Android app store. The trojan built into it downloads and installs various apps, including other malware, without users’…
SiAAA - Auto Install Scripts for i0S and Android Application Analysis
https://m2sup3rn0va.github.io/SiAAA/siaaa.html
https://m2sup3rn0va.github.io/SiAAA/siaaa.html
Clubhouse data leak: 1.3 million user records leaked online for free
User ID
Name
Photo URL
Username
Twitter handle
Instagram handle
Number of followers
Number of people followed by the user
Account creation date
Invited by user profile name
https://cybernews.com/security/clubhouse-data-leak-1-3-million-user-records-leaked-for-free-online/
User ID
Name
Photo URL
Username
Twitter handle
Instagram handle
Number of followers
Number of people followed by the user
Account creation date
Invited by user profile name
https://cybernews.com/security/clubhouse-data-leak-1-3-million-user-records-leaked-for-free-online/
Cybernews
Clubhouse data leak: 1.3 million scraped user records leaked online for free
An SQL database containing 1.3 million Clubhouse user records has been leaked for free on a popular hacker forum.
How to use Android as Rubber Ducky from NetHunter | Tutorial
https://youtu.be/bYfict-752k
https://youtu.be/bYfict-752k
BRATA Android Banking Malware Keeps Sneaking into Google Play, Now Targeting USA and Spain
Blog: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/brata-keeps-sneaking-into-google-play-now-targeting-usa-and-spain/
Full report: https://www.mcafee.com/enterprise/en-us/assets/reports/rp-brata.pdf
Blog: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/brata-keeps-sneaking-into-google-play-now-targeting-usa-and-spain/
Full report: https://www.mcafee.com/enterprise/en-us/assets/reports/rp-brata.pdf
McAfee Blog
BRATA Keeps Sneaking into Google Play, Now Targeting USA and Spain | McAfee Blog
Recently, the McAfee Mobile Research Team uncovered several new variants of the Android malware family BRATA being distributed in Google Play, ironically
Solving OWASP UnCrackable Android App Level 1 with Runtime Mobile Security (RMS)
https://youtu.be/P6rNPkM2DdY
https://youtu.be/P6rNPkM2DdY
YouTube
Solving OWASP UnCrackable Android App Level 1 with Runtime Mobile Security (RMS) 📱🔥
Solving OWASP UnCrackable Android App Level 1 with
Runtime Mobile Security (RMS) 📱🔥
Github Repo: https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security
UnCrackable App for Android Level 1 - Download: https://github.com/OWASP/owasp-mstg/tree/master/Crackmes…
Runtime Mobile Security (RMS) 📱🔥
Github Repo: https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security
UnCrackable App for Android Level 1 - Download: https://github.com/OWASP/owasp-mstg/tree/master/Crackmes…
Remote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027)
Research: https://census-labs.com/news/2021/04/14/whatsapp-mitd-remote-exploitation-CVE-2021-24027/
PoC: https://github.com/CENSUS/whatsapp-mitd-mitm
Research: https://census-labs.com/news/2021/04/14/whatsapp-mitd-remote-exploitation-CVE-2021-24027/
PoC: https://github.com/CENSUS/whatsapp-mitd-mitm
Census-Labs
CENSUS | Cybersecurity Engineering
In this article we will have a look at how a simple phishing attack through an Android messaging application could result in the direct leakage of data found in unprotected device storage (/sdcard). Then we will show how the two aforementioned WhatsApp vulnerabilities…