Four more apps with 220,000+ installs were recently available on Google Play with functionality to download additional apps, make the victim install them, and display unwanted ads.
This one is still there, found by @m0br3v
6 MUST HAVE TOOLS FOR YOUR IOS PENTESTING TOOLKIT
https://payatu.com/6-must-tools-ios-pentesting-toolkit/
Payatu
6 Must Have Tools For Your IOS Pentesting Toolkit | Payatu
Performing a pentest requires pentesting tools. We have brought you 6 essential tools for an iOS pentesting toolkit. Check out our toolkit.
Methodology for penetration testing and security assessment.
https://github.com/aungthurhahein/Red-Team-Curation-List/blob/master/README.md
Operation Android : Android Pentesting is out.
https://www.peerlyst.com/posts/operation-android-android-pentesting-is-out-benedict-charles
Apps on Google Play pushed fraudulent notifications through browser
https://news.drweb.com/show/?i=13313&lng=en
Dr.Web
Doctor Web: Android users threatened by fraudulent push notifications
Doctor Web experts discovered the Android.FakeApp.174 trojan (https://vms.drweb.com/search/?q=Android.FakeApp.174&lng=en) that uses Google Chrome to load questionable websites that subscribe users to advertising notifications. Notifications…
Solution to Access iOS and High-End Android Devices
Bypass or determine locks and perform a full file system extraction on any iOS device and on many high-end Android devices.
https://www.cellebrite.com/en/ufed-premium/
Mobile Stalkware industry research - a predator in your pocket
https://citizenlab.ca/docs/stalkerware-holistic.pdf
New technique to bypass SMS permission restriction on Google Play to obtain 2FA & OTP codes.
It intercepts SMS notifications.
Discovered fake cryptocurrency exchanges with such functionality on Play Store.
https://www.welivesecurity.com/2019/06/17/malware-google-permissions-2fa-bypass/
WeLiveSecurity
Malware sidesteps Google permissions policy with new 2FA bypass technique
ESET analysis shows a new technique whereby malware creators hurdle two-factor authentication while circumventing Google’s SMS permissions restrictions.
Samsung advises its users to scan their TVs for malware.
https://twitter.com/SamsungSupport/status/1140409768743452672
Running iOS in QEMU to an interactive bash shell (1): tutorial
https://alephsecurity.com/2019/06/17/xnu-qemu-arm64-1/
Alephsecurity
Running iOS in QEMU to an interactive bash shell (1): tutorial
Mobile Cyberespionage Campaign ‘Bouncing Golf’ Affects Middle East
Over 660 Android victims infected via malicious websites promoted on social media. The main goal was espionage.
https://blog.trendmicro.com/trendlabs-security-intelligence/mobile-cyberespionage-campaign-bouncing-golf-affects-middle-east/
Trendmicro
Mobile Cyberespionage Campaign ‘Bouncing Golf’ Affects Middle East - TrendLabs Security Intelligence Blog
We uncovered a cyberespionage campaign targeting Middle Eastern countries we named “Bouncing Golf” based on the malware’s code in the package named “golf.”
QR code app on Google Play with over 1,000,000 installs requests $100 trial payment
https://www.androidpolice.com/2019/06/18/qr-code-app-on-play-store-ripping-people-off-for-100-through-shady-trial-scheme/
Android Police
QR code app on Play Store ripping people off for $100+ through shady trial scheme
With over two million applications in the Play Store, there are bound to be a few bad apples here and there. However, the creatively named "QR Code... by Richard Gao in Applications, News
Malicious photo editor app found on Google Play with 10K+ installs
Malware signed users up for unwanted subscriptions and intercepted SMS verification codes by having access to notifications.
https://www.kaspersky.com/blog/malicious-camera-app/27391/
Kaspersky
A photo editor with a difference
How a photo editor app from Google Play secretly signed up users for unwanted paid services.
Mobile cryptojacking and related abuse
https://t.co/I40ye67huy (pdf)
Vulnerabilities and threats in mobile applications, 2019
https://www.ptsecurity.com/ww-en/analytics/mobile-application-security-threats-and-vulnerabilities-2019/
Microsoft Outlook for Android Open to XSS Attacks
The attacker who successfully exploited this vulnerability could then perform cross-site scripting attacks on the affected systems and run scripts in the security context of the current user.
https://threatpost.com/microsoft-outlook-android-xss/145924/
Threat Post
Microsoft Outlook for Android Open to XSS Attacks
A spoofing bug (CVE-2019-1105) can open the door to an email attack chain.
New cryptocurrency-mining botnet malware arrives via open ADB (Android Debug Bridge) ports and can spread via SSH
https://blog.trendmicro.com/trendlabs-security-intelligence/cryptocurrency-mining-botnet-arrives-through-adb-and-spreads-through-ssh/
Trend Micro
Cryptocurrency-Mining Botnet Spreads via ADB, SSH
We observed a new cryptocurrency-mining botnet that arrives via open ADB (Android Debug Bridge) ports and can spread via SSH. This attack takes advantage of the way open ADB ports don’t have authentication by default.
Frida Android unpack
Script for Android O and Android P to get unpacked DEX file from memory.
https://github.com/xiaokanghub/Frida-Android-unpack/blob/master/README.md
GitHub
Frida-Android-unpack/README.md at master · xiaokanghub/Frida-Android-unpack
this unpack script for Android O and Android P. Contribute to xiaokanghub/Frida-Android-unpack development by creating an account on GitHub.
Don't hack mobile devices, hack cell network providers to conduct targeted surveillance on individuals of interest.
At least 10 cell networks have been hacked over the past 7 years.
https://techcrunch.com/2019/06/24/hackers-cell-networks-call-records-theft/
TechCrunch
Hackers are stealing years of call records from hacked cell networks
Security researchers say they have uncovered a massive espionage campaign involving the theft of call records from hacked cell network providers to conduct targeted surveillance on individuals of interest. The hackers have systematically broken in to more…