Takedown of SMS-based FluBot spyware infecting Android phones
https://www.europol.europa.eu/media-press/newsroom/news/takedown-of-sms-based-flubot-spyware-infecting-android-phones
https://www.europol.europa.eu/media-press/newsroom/news/takedown-of-sms-based-flubot-spyware-infecting-android-phones
Europol
Takedown of SMS-based FluBot spyware infecting Android phones | Europol
This technical achievement follows a complex investigation involving law enforcement authorities of Australia, Belgium, Finland, Hungary, Ireland, Spain, Sweden, Switzerland, the Netherlands and the United States, with the coordination of international activity…
👍11
WhatsApp accounts hijacked by call forwarding
https://blog.malwarebytes.com/social-engineering/2022/06/whatsapp-accounts-hijacked-by-call-forwarding/
https://blog.malwarebytes.com/social-engineering/2022/06/whatsapp-accounts-hijacked-by-call-forwarding/
Malwarebytes
WhatsApp accounts hijacked by call forwarding
Threat actors are using a new method to take over WhatsApp accounts. The trick starts with tricking the victim into forwarding their calls
🔥8👍2😱2🥰1
Android spyware connected to SideWinder APT group has been distributed via Google Play
https://blog.group-ib.com/sidewinder-antibot
https://blog.group-ib.com/sidewinder-antibot
Group-IB
SideWinder.AntiBot.Script
Group-IB Threat Intelligence researchers have discovered a new malicious infrastructure and a custom tool of the APT group SideWinder. Check!
👍10🔥2
SMSFactory Android Trojan producing high costs for victims
https://blog.avast.com/smsfactory-android-trojan
https://blog.avast.com/smsfactory-android-trojan
Avast
SMSFactory Android Trojan producing high costs for victims
Avast protected more than 165,000 people across the globe from TrojanSMS malware SMSFactory within a year.
🔥7
Malicious App spread through Phishing and Google Play and Huawei's AppGallery App Store
https://www.d3lab.net/malicious-app-spread-through-italian-phishing-and-official-app-store/
https://www.d3lab.net/malicious-app-spread-through-italian-phishing-and-official-app-store/
D3Lab
🇬🇧 Malicious App spread through Italian Phishing and official App Store
Since the end of 2019 there has been a change in bank phishing campaigns against Italian users who have introduced the combined use in a massive manner of methods until then used exclusively for targeted attacks, such as:
Vishing (telephone phishing);Smishing…
Vishing (telephone phishing);Smishing…
🔥6
Mobile Banking Heists: The Emerging Threats and How to Respond
https://storage.pardot.com/66612/1654181473nzPs3Zrz/Zimperium_Mobile_Bank_Heists_Report_0622.pdf
https://storage.pardot.com/66612/1654181473nzPs3Zrz/Zimperium_Mobile_Bank_Heists_Report_0622.pdf
🔥4❤1👍1
Vulnerability within the UNISOC baseband opens mobile phones communications to remote hacker attacks (CVE-2022-20210)
https://research.checkpoint.com/2022/vulnerability-within-the-unisoc-baseband/
https://research.checkpoint.com/2022/vulnerability-within-the-unisoc-baseband/
Check Point Research
Vulnerability within the UNISOC baseband opens mobile phones communications to remote hacker attacks - Check Point Research
Introduction Do you remember push-button telephones? Many of them were based on chips from Spreadtrum Communications Inc., a Chinese chip manufacturer founded in 2001. In 2011, over half of all phones in China were powered by Spreadtrum chips. In 2018, Spreadtrum…
👍7
Mobile forensic & network analysis
PiRogue tool suite (PTS) is an open-source tool suite that provides a comprehensive mobile forensic and network traffic analysis platform targeting Android, iOS and IoT devices
https://piroguetoolsuite.github.io/
PiRogue tool suite (PTS) is an open-source tool suite that provides a comprehensive mobile forensic and network traffic analysis platform targeting Android, iOS and IoT devices
https://piroguetoolsuite.github.io/
PiRogue Tool Suite
Mobile forensic & digital investigation
PiRogue tool suite (PTS) provides a platform combining analysis tools, knowledge management, incident response management and artifact management, which allows NGOs with limited resources to equip themselves at a low cost. The project consists of an open…
🔥5👍2
New “Developer Mode” in iOS 16!
In order to install self-signed apps into your iOS device, you can now enable developer mode
https://developer.apple.com/documentation/xcode/enabling-developer-mode-on-a-device
In order to install self-signed apps into your iOS device, you can now enable developer mode
https://developer.apple.com/documentation/xcode/enabling-developer-mode-on-a-device
🔥3
Apple blocked 1.6 million risky and untrustworthy apps and app updates in 2021
- over 835,000 problematic new apps, and an additional 805,000 app updates
- more than 34,500 apps were rejected for containing hidden or undocumented features
- 157,000 apps were rejected because they were found to be spam, copycats, or misleading to users, such as manipulating them into making a purchase
- over 343,000 apps for requesting more user data than necessary or mishandling data they already collected
https://www.apple.com/newsroom/2022/06/app-store-stopped-nearly-one-point-five-billion-in-fraudulent-transactions-in-2021/
- over 835,000 problematic new apps, and an additional 805,000 app updates
- more than 34,500 apps were rejected for containing hidden or undocumented features
- 157,000 apps were rejected because they were found to be spam, copycats, or misleading to users, such as manipulating them into making a purchase
- over 343,000 apps for requesting more user data than necessary or mishandling data they already collected
https://www.apple.com/newsroom/2022/06/app-store-stopped-nearly-one-point-five-billion-in-fraudulent-transactions-in-2021/
Apple Newsroom
App Store stopped nearly $1.5 billion in fraudulent transactions in 2021
App Store prevented over 1.6 million risky and untrustworthy apps and app updates from defrauding users throughout the year.
👍14🥰2
How to Reverse Engineer and Patch an iOS Application for Beginners: Part I
https://www.inversecos.com/2022/06/how-to-reverse-engineer-and-patch-ios.html
https://www.inversecos.com/2022/06/how-to-reverse-engineer-and-patch-ios.html
Inversecos
How to Reverse Engineer and Patch an iOS Application for Beginners: Part I
👍17❤1🥰1
Instagram credentials Stealers: Free Followers or Free Likes https://www.mcafee.com/blogs/other-blogs/mcafee-labs/instagram-credentials-stealers-free-followers-or-free-likes/
McAfee Blog
Instagram credentials Stealers: Free Followers or Free Likes | McAfee Blog
Authored by Dexter Shin Instagram has become a platform with over a billion monthly active users. Many of Instagram's users are looking to increase their
👍6🔥1
Android Malware Analysis 4: Spyware
https://www.purpl3f0xsecur1ty.tech/2022/06/02/OceanLotus_backdoor.html
https://www.purpl3f0xsecur1ty.tech/2022/06/02/OceanLotus_backdoor.html
Purpl3 F0x Secur1ty
Real-world Android Malware Analysis 4: thisisme.thisapp.inspxctor
Intro In previous blog posts, I’ve covered a couple of phishing apps that were pretty simple to reverse engineer because they weren’t very complex or heavily obfuscated. Today, we’re going to look at a backdoor with spyware capabilities that is also fairly…
👍5
Bluetooth BLE signals can be used to identify and track smartphones
https://jacobsschool.ucsd.edu/news/release/3461
https://jacobsschool.ucsd.edu/news/release/3461
jacobsschool.ucsd.edu
Bluetooth signals can be used to identify and track smartphones
A team of engineers at the University of California San Diego has demonstrated for the first time that the Bluetooth signals emitted constantly by our mobile phones have a unique fingerprint that can be used to track individuals’ movements.
🔥7👍2
Analysis of Malware Android Software Spread by Sidewinder (APT-Q-39) Using Google Play [translated]
https://mp-weixin-qq-com.translate.goog/s/LaWE4R24D7og-d7sWvsGyg?_x_tr_sl=zh-CN&_x_tr_tl=en&_x_tr_hl=en
https://mp-weixin-qq-com.translate.goog/s/LaWE4R24D7og-d7sWvsGyg?_x_tr_sl=zh-CN&_x_tr_tl=en&_x_tr_hl=en
🔥5
Hydra Android Malware Distributed Via Play Store
https://blog.cyble.com/2022/06/13/hydra-android-malware-distributed-via-play-store/
https://blog.cyble.com/2022/06/13/hydra-android-malware-distributed-via-play-store/
Cyble
Cyble - Fake Document Manager App Downloading Hydra Banking Trojan
Cyble analyzes a resurfaced version of Hydra malware distributed via a fake Document Manager app on the Play Store.
🔥11👍3
Analysis of Android banking Trojan MaliBot that is based on S.O.V.A banker
https://www.f5.com/labs/articles/threat-intelligence/f5-labs-investigates-malibot
https://www.f5.com/labs/articles/threat-intelligence/f5-labs-investigates-malibot
F5 Labs
F5 Labs Investigates MaliBot | F5 Labs
We found a novel malware strain that is targeting financial sites in Italy and Spain... so far.
🔥3
Doctor Web’s May 2022 review of virus activity on mobile devices
https://news.drweb.com/show/review/?lng=en&i=14500
https://news.drweb.com/show/review/?lng=en&i=14500
Dr.Web
Dr.Web — Doctor Web’s May 2022 review of virus activity on mobile devices
In May, the activity of the <vir>Android.Spy.4498</vir> trojan, which steals information from other apps’ notifications, decreased by 13.48%. However, this malware is still the most widespread Android threat. <vir>Android.HiddenAds</vir> adware trojans are…
👏6
Forwarded from The Bug Bounty Hunter
XSS Blind Stored at Asset Domain Android Apps TikTok
https://aidilarf.medium.com/xss-blind-stored-at-asset-domain-android-apps-tiktok-ae2f4c2dbc07
https://aidilarf.medium.com/xss-blind-stored-at-asset-domain-android-apps-tiktok-ae2f4c2dbc07
Medium
XSS Blind Stored at Asset Domain Android Apps TikTok
Hi everyone
🤔6👍3👏3
Lookout Uncovers Android Spyware Deployed in Kazakhstan #Hermit
https://www.lookout.com/blog/hermit-spyware-discovery
https://www.lookout.com/blog/hermit-spyware-discovery
Lookout
Lookout Uncovers Hermit Spyware Deployed in Kazakhstan | Threat Intel
Lookout researchers have uncovered enterprise-grade Android surveillanceware used by the government of Kazakhstan within its borders.
🔥13👍3