Seven HiddenApp Trojans with 550k+ installs found on Google Play
https://twitter.com/virqdroid/status/1146718450393473024
Twitter
Nikolaos Chrysaidos
Seven more adware applications in @GooglePlay - that are hiding the icon with 550k+ Installations. Similar to @s_metanka findings. @apklabio
Unpatched vulnerability in Firefox for Android
Opening an HTML or SVG attachment received via WhatsApp could allow remote attackers to steal files saved in your WhatsApp folder (other received files).
https://twitter.com/evaristegal0is/status/1146455296673538048
Twitter
If you use WhatsApp and Firefox (or Tor) on Android, do not open with Firefox the received HTML or SVG files via WhatsApp. An attacker can easily steal your documents sent via WhatsApp, saved in the directory "WhatsApp Documents/Sent". I hope the Mozilla…
4shared Android app triggers suspicious background activity generating fake clicks and subscriptions
https://www.upstreamsystems.com/secure-d-uncovers-4shared-android-app-triggers-suspicious-background-activity-generating-fake-clicks-subnoscriptions/
Upstream
Secure-D uncovers 4shared Android app triggers suspicious background activity generating fake clicks and subscriptions - Upstream
Upstream’s security lab, Secure-D, has unveiled that 4shared, a popular file sharing and storage Android app hides suspicious background activity.
Android app with 10M+ installs requests $34.99 subscription for Samsung firmware updates. Every user can have them for free!
Payment is not via Google Play, but the app simply asks for credit card info.
https://medium.com/csis-techblog/updates-for-samsung-from-a-blog-to-an-android-advertisement-revenue-goldmine-of-10-000-000-166585e34ad0
Medium
“Updates for Samsung” — from a blog to an Android advertisement revenue goldmine of 10,000,000+ users
The latest Android OS comes in countless varieties of vendor builds and versions. Are you aware of what else is countless about Android OS…
Debugging Samsung Android Kernel
Part 1: https://link.medium.com/bigUZPfr4X
Part 2: https://link.medium.com/sMzdJCpr4X
Part 3: https://link.medium.com/Eukm4Itr4X
MobileHunter Analysis using glorifiedgrep
This is a quick and short writeup about how the Python module glorifiedgrep can be used for fast analysis of Android applications.
https://www.securisec.com/tools/python/mobile_hunter/
All-in-one Mobile Security Frameworks including Android and iOS Application Penetration Testing.
-static analysis
-reverse engineering
-dynamic analysis
-network tools
-bypass root & SSL pinning
-server side testing
https://hackersonlineclub.com/mobile-security-penetration-testing/
Hackers Online Club
Mobile Security Penetration Testing List 2024
Mobile Security Penetration Testing List for All-in-one Mobile Security Frameworks including Android and iOS Application Penetration Testing.
Coin Master game with 50M+ installs apparently tries to attract users back to the game with fake notifications.
https://www.reddit.com/r/assholedesign/comments/ca4g0o/this_app_gives_fake_notfications_saying_that_they/
Exploiting Same Origin Policy (SOP) bypass in iOS 12.3.1 for Safari.
Exploit code is not released yet.
https://twitter.com/itszn13/status/1147591372867821568
Twitter
itszn
Decided to take @qwertyoruiopz's nday and write a full exploit for it. Here is an exploit for iOS 12.3.1 doing SOP bypass via arbitrary read/write
XPin Clip - bruteforce forensics solution for PIN, password and pattern lock.
Works for: iOS Passcode 7.x.x, 8.0-8.1 & Android 4.x, 5.x, 6.x with OTG.
https://twitter.com/PiratePartyINT/status/1147978049498935296?s=19
Details: https://xpinclip.com/
myMail – Android email client could launch any protected activity in MyMail app. #vulnerability
https://hackerone.com/reports/376618
HackerOne
Mail.ru disclosed on HackerOne: Launch Any Activity in MyMail App
An exported activity in My.Com Mail application could be used to launch protected activities.
Fake copycat of popular app "ES File Explorer" found on Google Play with 10K+ installs
App is without any functionality and displays ads + requests 5 star rating.
Don't install it!
https://twitter.com/LukasStefanko/status/1148115343455469568
Twitter
Lukas Stefanko
Fake ES File Explorer with 10K+ installs found on Google Play App has no functionality and within 2 minutes displayed 9 fullscreen ads while "setting up" the app. To look trustworthy, it requests registration. Original ES File Explorer was removed from Play…
Trojan discovered on Google Play drops a fake adware app named "Google Play" and makes the user install it
Fullscreen ads are displayed once user unlocks device on behalf of "Google Play" app.
https://twitter.com/0xabc0/status/1148147733485821953
Twitter
Ahmet Bilal Can
#adware 1.000+ installs https://t.co/HnKx0fEOsR https://t.co/v5Mt1ZYFXV Drops app for ads. https://t.co/nQpNZ3AOBm Second app's name is "Google Play" and hides itself after launch.
Anubis Android Malware Returns with Over 17,000 Samples
https://blog.trendmicro.com/trendlabs-security-intelligence/anubis-android-malware-returns-with-over-17000-samples/
Trend Micro
Research, News, and Perspectives
Over 1,000 Android apps harvest data even after you deny permissions.
Apps used workarounds that would take personal data from sources like Wi-Fi connections and metadata stored in photos.
Fix won’t come until Android Q.
https://www.cnet.com/news/more-than-1000-android-apps-harvest-your-data-even-after-you-deny-permissions/
PDF: www.ftc.gov/system/files/documents/public_events/1415032/privacycon2019_serge_egelman.pdf
CNET
More than 1,000 Android apps harvest data even after you deny permissions
The apps gather information such as location, even after owners explicitly say no. Google says a fix won’t come until Android Q.
iOS 13 beta 3, available only to developers, has already been exploited to get a root shell #JailBreak
Exploit code is not released.
https://twitter.com/iBSparkes/status/1147830471440633858
Twitter
sparkey
got shell btw
Android malware hidden inside VirtualApp sandbox. #chinese
http://blog.avlsec.com/2019/07/5393/virtualapp%e6%8a%80%e6%9c%af%e5%ba%94%e7%94%a8%e5%8f%8a%e5%ae%89%e5%85%a8%e5%88%86%e6%9e%90%e6%8a%a5%e5%91%8a/
Hackers exploit 7-Eleven mobile app's poorly designed password reset function to make unwanted charges on 900 customers' accounts.
https://www.zdnet.com/article/7-eleven-japanese-customers-lose-500000-due-to-mobile-app-flaw/
ZDNet
7-Eleven Japanese customers lose $500,000 due to mobile app flaw
Hackers exploit 7-Eleven's poorly designed password reset function to make unwanted charges on 900 customers' accounts.
Australian Federal Police admits to spying on journalists
The authorities used a 2015 amendment to espionage legislation that forces telecommunications companies to keep phone and Internet records, as well as other metadata, of users for up to two years.
https://www.theguardian.com/australia-news/2019/jun/04/federal-police-raid-home-of-news-corp-journalist-annika-smethurst
the Guardian
Federal police raid home of News Corp journalist Annika Smethurst
AFP officers execute search warrant over 2018 report about new powers for intelligence agencies to spy on Australians
Analysis of subscription scam iOS apps found on App Store.
These are apps that are free to download and then ask you to subscribe right on launch. https://ivrodriguez.com/investigating-some-subnoscription-scam-ios-apps/
Ivan R Blog
Investigating some subscription scam iOS apps
For some reason Apple allows "subscription scam" apps on the App Store. These are apps that are free to download and then ask you to subscribe right on launch. It's called the freemium business model, except these apps ask you to subscribe for "X" feature(s)…