Bahamut cybermercenary group targets Android users with fake VPN apps
https://www.welivesecurity.com/2022/11/23/bahamut-cybermercenary-group-targets-android-users-fake-vpn-apps/
WeLiveSecurity
ESET researchers uncover an active campaign where the Bahamut APT targets Android users via trojanized versions of two legitimate VPN apps.
Vulnerability discovered in devices with a Mali GPU
The vulnerabilities discussed in this blog post (CVE-2022-33917) are fixed by the upstream vendor, but at the time of publication, these fixes have not yet made it downstream to affected Android devices (including Pixel, Samsung, Xiaomi, Oppo and others)
https://googleprojectzero.blogspot.com/2022/11/mind-the-gap.html
Blogspot
Mind the Gap
By Ian Beer, Project Zero Note: The vulnerabilities discussed in this blog post (CVE-2022-33917) are fixed by the upstream vendor, but...
Discovered an ongoing Android RAT campaign that uses the FIFA World Cup in Qatar as a lure and has already infected over 750 devices.
It spreads via a Facebook page linking to a website distributing the RAT.
https://twitter.com/ESETresearch/status/1596222232384401408
Forwarded from The Bug Bounty Hunter
It's all about Bypassing Android SSL Pinning and Intercepting Proxy Unaware applications.
https://kishorbalan.medium.com/its-all-about-android-ssl-pinning-bypass-and-intercepting-proxy-unaware-applications-91689c0763d8
Medium
This Malicious App on Google Play Abused Hacked Devices to Create Fake Accounts on Multiple Platforms
https://thehackernews.com/2022/11/this-malicious-app-abused-hacked.html
Fake Security App Found Abuses Japanese Payment System
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/fake-security-app-found-abuses-japanese-payment-system/
McAfee Blog
Authored by SangRyol Ryu and Yukihiro Okutomi McAfee’s Mobile Research team recently analyzed new malware targeting mobile payment users in Japan. The
Schoolyard Bully Android Trojan Discovered On Google Play Steals Facebook Credentials
https://www.zimperium.com/blog/schoolyard-bully-trojan-facebook-credential-stealer/
Zimperium
Schoolyard Bully Trojan Facebook Credential Stealer - Zimperium
Zimperium zLabs has discovered a new Android threat campaign, the Schoolyard Bully Trojan, which has been active since 2018 and has spread to over 300,000 victims and is specifically targeting Facebook credentials. To learn more about this new threat, read…
Forwarded from The Bug Bounty Hunter
Huawei Security Hypervisor Vulnerability
https://blog.impalabs.com/2212_advisory_huawei-security-hypervisor.html
Impalabs
This advisory contains information about the following vulnerabilities:
- OOB Accesses Using the Logging System
Remote code execution vulnerabilities discovered in three applications that let an Android device be used as a remote keyboard and mouse for a computer
https://www.synopsys.com/blogs/software-security/cyrc-advisory-remote-code-execution-vulnerabilities-mouse-keyboard-apps/
Blackduck
CyRC Advisory: Mouse & Keyboard App Vulnerabilities | Black Duck Blog
Discover CyRC's advisory on remote code execution vulnerabilities in popular mouse and keyboard apps and understand their potential impact.
October 2022 review of virus activity on mobile devices by Doctor Web
https://news.drweb.com/show/review/?lng=en&i=14617
Dr.Web
Dr.Web — Doctor Web’s October 2022 review of virus activity on mobile devices
Find out on Doctor Web’s site about the latest virus threats and information security issues.
Roots in the Past: General Mobile E-Tab4
https://erfur.github.io/2022/12/04/roots-in-the-past-1.html
An upsurge of new Android Banking Trojan “Zanubis”
https://labs.k7computing.com/index.php/an-upsurge-of-new-android-banking-trojan-zanubis/
K7 Labs
We came across the tweet of an Android malware sample, a banking trojan that mainly targets Peru banks by […]
Android Zombinder: new obfuscation service used by Ermac, now distributed next to desktop stealers
https://www.threatfabric.com/blogs/zombinder-ermac-and-desktop-stealers.html
Threatfabric
A new campaign is targeting Android & Windows with multiple Trojans using Zombinder: a third-party service to infect a legitimate app with a malicious payload
Android app "Web Explorer – Fast Internet" with over 5m downloads leaked user browsing history
https://cybernews.com/security/android-app-leaked-user-browsing-history/
Cybernews
Web Explorer – Fast Internet left an open instance, exposing a trove of sensitive data that malicious actors could use to check specific users’ browsing history.
Frida script to bypass common methods of SSL pinning on Android
https://gist.github.com/incogbyte/1e0e2f38b5602e72b1380f21ba04b15e
Gist
Frida script to bypass common methods of SSL pinning on Android - mixunpin.js
How to set up and scan Wi-Fi networks using the Hijacker app
https://www.instagram.com/p/CmB6ufaDFf3/
Forwarded from The Bug Bounty Hunter
apk.sh makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK.
https://github.com/ax/apk.sh
GitHub
BrasDex: A new Brazilian ATS Android Banker with ties to Desktop malware
https://www.threatfabric.com/blogs/brasdex-a-new-brazilian-ats-malware.html
ThreatFabric
ThreatFabric’s analysts discovered a multi-platform banking malware campaign targeting Brazil, reaching thousands of victims.
Do you have hacking experience in mobiles and would like to earn much more bounty rewards than now?
Fill out the form below and we will provide free unlimited access to Oversecured Android/iOS vulnerability scanners
https://docs.google.com/document/u/0/d/1dwDtx9S3CSXtjThv-f9t9VbD1cw6c-KOVr506LxU3dg/mobilebasic
Apply here: https://docs.google.com/forms/d/e/1FAIpQLSde-rGWyGF7ug3MIhf3OGE3uJg78tQgcIlsf0MOBApnBVqqVw/viewform
MoneyMonger: Predatory Loan Scam Campaigns Move to Flutter
https://www.zimperium.com/blog/moneymonger-predatory-loan-scam-campaigns-move-to-flutter/
Zimperium
The Zimperium zLabs team recently discovered a Flutter application with malicious code. The Flutter-obfuscated malware campaign, MoneyMonger, is solely distributed through third-party app stores and sideloaded onto the victim’s Android device. Read more to…
How to install firmware for external Wi-Fi adapters in NetHunter using Magisk
https://www.youtube.com/shorts/BjAKy97B1d4