I created a Discord community for a better categorization and visibility of mobile InfoSec posts with option for you to participate and share or ask questions.
Join & share: https://discord.gg/ByrVsEvVTg
Theft of protected files by 3rd party Android app from ownCloud application
https://hackerone.com/reports/1454002
HackerOne
ownCloud disclosed on HackerOne: Theft of protected files on Android
There is an issue that allows retrieving any file from the application's protected directory, ```/data/data/com.owncloud.android/*```.
The issue is caused by exported activity...
Frida iOS video tutorials
Introduction to Frida and iOS, low-level iOS interfaces (GCD, XPC, IOKit, Mach), and Objective-C instrumentation
Part I: https://youtu.be/h070-YZKOKE
Part II: https://youtu.be/qpEIRe2CP-w
Part III: https://youtu.be/x48y2ehfWGE
YouTube
iOS Reverse Engineering :: Part I :: Dynamic Reversing and iOS Basics
The first part covers Frida basics, such as using frida-trace and the stalker. Then, some more internals about debugging on iOS in general are added, such as debug profile, enhancing logging with jailbreaks, and the debugserver.
Find more iOS dynamic reversing…
Crypto Scam - CryptoRom - targets vulnerable iPhone (iOS TestFlight and WebClips) and Android users (APK)
How it works:
The campaign works by approaching potential targets through dating apps like Bumble, Tinder, Facebook Dating, and Grindr, before moving the conversation to messaging apps such as WhatsApp and urging the victims to install a cryptocurrency trading application that's designed to mimic popular brands and lock people out of their accounts and freeze their funds.
https://news.sophos.com/en-us/2022/03/16/cryptorom-bitcoin-swindlers-continue-to-target-vulnerable-iphone-and-android-users/
Sophos News
CryptoRom Bitcoin swindlers continue to target vulnerable iPhone and Android users
Abuse of iOS TestFlight and WebClips—along with social engineering and lookalike web pages—lead to double- and triple-dipping by criminals into victims’ pockets.
Forwarded from The Bug Bounty Hunter
Unraveling Assets from Android Apps at Scale
https://bevigil.com/blog/unraveling-assets-from-android-apps-at-scale/
BeVigil Blog
Unraveling Assets from Android Apps at Scale - BeVigil Blog
Over the years, large-scale scanning of the internet has enabled the security community to identify widespread vulnerabilities and mitigate them before they can be exploited.
Facestealer Trojan found in Google Play app with 100,000+ installs injects JavaScript into facebook.com to steal Facebook account credentials
https://threatpost.com/facestealer-trojan-google-play-facebook/179015/
Threat Post
Facestealer Trojan Hidden in Google Play Plunders Facebook Accounts
The trojanized Craftsart Cartoon Photo Tools app is available in the official Android app store, but it's actually spyware capable of stealing any and all information from victims' social-media accounts.
When Equal is Not, Another WebView Takeover Story
https://valsamaras.medium.com/when-equal-is-not-another-webview-takeover-story-730be8d6e202
Medium
When Equal is Not, Another WebView Takeover Story
I have been assessing Android applications for some time and I must admit that despite the countless write-ups about unprotected WebViews…
Trojanized Android & iOS cryptocurrency wallet apps
Malicious code was inserted manually at a specific place in the legitimate apps, which required the attacker to perform an in-depth analysis of the wallet first
https://www.welivesecurity.com/2022/03/24/crypto-malware-patched-wallets-targeting-android-ios-devices/
WeLiveSecurity
Crypto malware in patched wallets targeting Android and iOS devices
ESET Research uncovers a sophisticated scheme that distributes trojanized Android and iOS apps posing as popular cryptocurrency wallets.
Dirty Pipe temporary root exploit for Android (Pixel 6)
https://github.com/polygraphene/DirtyPipe-Android
GitHub
GitHub - polygraphene/DirtyPipe-Android: Dirty Pipe root exploit for Android (Pixel 6)
RTLO Injection URI Spoofing in mobile apps (CVE-2020-20093; CVE-2020-20094; CVE-2020-20095; CVE-2020-20096)
Affects all recent distributions of iOS iMessage, WhatsApp, Instagram, and Facebook Messenger as of 2019.8.15.
The user interface does not properly represent critical information to the user, allowing the information to be spoofed. This is often a component in online scams, phishing and disinformation propagation.
https://github.com/zadewg/RIUS
GitHub
GitHub - zadewg/RIUS: CVE-2020-20093; 20094; 20095; 20096, 2022-28345 RTLO Injection URI Spoofing
Remotely steal bearer token via maliciously crafted deep link from Basecamp Android app
https://hackerone.com/reports/1372667
HackerOne
Basecamp disclosed on HackerOne: Able to steal bearer token from...
# Pre-requisites
Prior to exploitation you would be required to know the "account id" of the user that you are attacking. Whilst this makes it difficult to attack an application in a generic way...
A deep dive inside anti-reverse & universal bypass with Frida
https://raw.githubusercontent.com/FrenchYeti/unrasp/main/Slides/Forging_golden_hammer_against_android_app_protections_INSO22_FINAL.pdf
Remote Code Execution in Evernote for Android by misusing path traversal vulnerability
https://hackerone.com/reports/1377748
HackerOne
Evernote disclosed on HackerOne: 2 click Remote Code execution in...
This vulnerability is similar to my previously reported vulnerability #1362313; here also the weakness is a path traversal vulnerability which helps me to achieve code execution, but the root cause...
A short history of telephone hacking: from phreaking to mobile malware
https://bit-sentinel.com/a-short-history-of-telephone-hacking-from-phreaking-to-mobile-malware
Bit Sentinel
Telephone hacking: from phreaking to mobile malware
How did telephone hacking become so dangerous? Get ready for a short history: from phreaking to mobile malware!
New APT group APT-Q-43 (#VajraEleph) discovered targeting Pakistani military personnel via targeted SMS or WhatsApp messages using Android RAT #VajraSpy impersonates chat apps
https://mp.weixin.qq.com/s/B0ElRhbqLzs-wGQh79fTww
Weixin Official Accounts Platform
The VajraEleph group from South Asia: disclosure of cyber-espionage activity targeting Pakistani military personnel
Since June 2021, an APT group with a background in a certain South Asian country has carried out organized, planned and targeted military espionage activity aimed mainly at the Pakistani military. In just nine months of attacks, the group has affected dozens of Pakistani military personnel. This is the 15th APT group independently discovered and first disclosed by Qi An Xin: VajraEleph (金刚象).
Here is a demo of how a user can download malware on an iPhone outside of the App Store using a configuration profile
https://youtu.be/zgDDI5RPubk
YouTube
Lukas Stefanko - Demo infection and extraction of seed iOS
Analysis of 0-click iMessage exploit named FORCEDENTRY
Exploitation: By sending a .gif iMessage attachment (which was really a PDF) NSO were able to remotely trigger a heap buffer overflow in the ImageIO JBIG2 decoder
https://googleprojectzero.blogspot.com/2022/03/forcedentry-sandbox-escape.html
Blogspot
FORCEDENTRY: Sandbox Escape
Posted by Ian Beer & Samuel Groß of Google Project Zero. We want to thank Citizen Lab for sharing a sample of the FORCEDENTRY exploit ...
Update your iPhone
Apple patched two vulnerabilities that have been exploited in the wild
CVE-2022-22675, the issue has been described as an out-of-bounds write vulnerability in an audio and video decoding component called AppleAVD that could allow an application to execute arbitrary code with kernel privileges
https://support.apple.com/en-us/HT213219
Apple Support
About the security content of iOS 15.4.1 and iPadOS 15.4.1
This document describes the security content of iOS 15.4.1 and iPadOS 15.4.1.
Complete dissection of an APK with a suspicious C2 Server
https://lab52.io/blog/complete-dissection-of-an-apk-with-a-suspicious-c2-server/
Fake e‑shops on the prowl for banking credentials using Android malware
https://www.welivesecurity.com/2022/04/06/fake-eshops-prowl-banking-credentials-android-malware/
WeLiveSecurity
Fake e‑shops on the prowl for banking credentials using Android malware
ESET researchers have analyzed three malicious Android apps that attempt to steal the login credentials of customers of eight Malaysian banks.
Measurement SDK library (coelib.c.couluslibrary) implemented in various Android apps is responsible for collecting sensitive data such as Clipboard, GPS, Email, Phone Numbers, IMEI, SSID...
https://blog.appcensus.io/2022/04/06/the-curious-case-of-coulus-coelib/