Brokewell: A New Android Banking Trojan Targeting Users In Germany
https://cyble.com/blog/brokewell-a-new-android-banking-trojan-targeting-users-in-germany/
Cyble
Brokewell: New Android Trojan Targeting Germany Users
Cyble uncovers the 'Brokewell' Android Banking Trojan targeting German users with overlay attacks, keylogging, and screen recording. Stay updated on threats.
Security issues in phone-tracking app iSharing exposed users locations
https://www.ericdaigle.ca/isharing-data-leak-writeup/
Brokewell: do not go broke from new banking malware
https://www.threatfabric.com/blogs/brokewell-do-not-go-broke-by-new-banking-malware
ThreatFabric
Brokewell: do not go broke from new banking malware!
Explore the new malware family, Brokewell, with Device Takeover capabilities. Understand the risks it poses to financial institutions and how to stay protected.
Advanced Frida Usage Part 9 – Memory Scanning in Android
https://8ksec.io/advanced-frida-usage-part-9-memory-scanning-in-android/
8kSec - 8kSec is a cybersecurity research & training company. We provide high-quality training & consulting services.
Advanced Frida Usage Part 9 – Memory Scanning in Android - 8kSec
In part-9 of Advanced Frida Usage, learn about API provided by frida called Memory.scan() which can help you to scan bytes from memory & help you to patch them.
In 2023, Google prevented 2.28 million policy-violating apps from being published on Google Play
https://security.googleblog.com/2024/04/how-we-fought-bad-apps-and-bad-actors-in-2023.html
Google Online Security Blog
How we fought bad apps and bad actors in 2023
Posted by Steve Kafka and Khawaja Shams (Android Security and Privacy Team), and Mohet Saxena (Play Trust and Safety) A safe and trusted ...
New Android malware called Wpeeper hides behind hacked WordPress sites
https://blog.xlab.qianxin.com/playing-possum-whats-the-wpeeper-backdoor-up-to/
奇安信 X 实验室
Playing Possum: What's the Wpeeper Backdoor Up To?
Summary
On April 18, 2024, XLab's threat hunting system detected an ELF file with zero detections on VirusTotal being distributed through two different domains. One of the domains was marked as malicious by three security firms, while the other was recently…
“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps
https://www.microsoft.com/en-us/security/blog/2024/05/01/dirty-stream-attack-discovering-and-mitigating-a-common-vulnerability-pattern-in-android-apps/
Microsoft News
“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps
Microsoft discovered a vulnerability pattern in multiple popular Android applications that could enable a malicious application to overwrite files in the vulnerable application’s internal data storage directory, which could lead to arbitrary code execution…
20 Security Issues Found in Xiaomi Devices
https://blog.oversecured.com/20-Security-Issues-Found-in-Xiaomi-Devices/
News, Techniques & Guides
20 Security Issues Found in Xiaomi Devices
How to Improve Your Android & iOS Static Analysis with Nuclei!
https://medium.com/@justmobilesec/how-to-improve-your-android-ios-static-analysis-with-nuclei-d44f3daa9cee
Medium
How to Improve Your Android & iOS Static Analysis with Nuclei!
TL;DR: In this post, we will cover how to statically analyze Android and iOS applications using Nuclei. We’ll start:
Smart-sex-toy users targeted by Android trojan clicker
https://news.drweb.com/show/?i=14860&lng=en
Dr.Web
Smart-sex-toy users targeted by clicker trojan
Virus analysts at Doctor Web uncovered an Android application containing a clicker trojan that silently opens advertising sites and clicks on webpages. Such trojans can be used to stealthily display ads, generate click fraud, sign up unsuspecting victims…
DNS traffic can leak outside the VPN tunnel on Android
https://mullvad.net/en/blog/dns-traffic-can-leak-outside-the-vpn-tunnel-on-android
Mullvad VPN
DNS traffic can leak outside the VPN tunnel on Android | Mullvad VPN
We were recently made aware of multiple potential DNS leaks on Android. They stem from bugs in Android itself, and only affect certain apps.
Finland warns of Vultur Android malware attacks distributed via received SMS messages
https://www.bleepingcomputer.com/news/security/finland-warns-of-android-malware-attacks-breaching-bank-accounts/
BleepingComputer
Finland warns of Android malware attacks breaching bank accounts
Finland's Transport and Communications Agency (Traficom) has issued a warning about an ongoing Android malware campaign targeting banking accounts.
Guided fuzzing for native Android libraries (using Frida & Radamsa)
https://knifecoat.com/Posts/Coverage+guided+fuzzing+for+native+Android+libraries+(Frida+%26+Radamsa)
KnifeCoat
Coverage guided fuzzing for native Android libraries (Frida & Radamsa) - KnifeCoat
Intro Recently I have been getting into userland application testing on Android. I want to credit Iddo and Jacob for their excellent course on attacking IM Applications which I took at zer0con. As a …
Forwarded from The Bug Bounty Hunter
Flutter Windows Thick Client SSL Pinning Bypass
https://blog.souravkalal.tech/flutter-windows-thick-client-ssl-pinning-bypass-492389ae1218
Medium
Flutter Windows Thick Client SSL Pinning Bypass
I recently worked on a Flutter-based application and learned that it is different from other hybrid frameworks like React Native or…
Android Remote Access Trojan Equipped to Harvest Credentials
https://blog.sonicwall.com/en-us/2024/04/android-remote-access-trojan-equipped-to-harvest-credentials/
PoC for CVE-2024-27804, an iOS/macOS kernel vulnerability that leads to the execution of arbitrary code with kernel privileges
https://r00tkitsmm.github.io/fuzzing/2024/05/14/anotherappleavd.html
My interesting research.
CVE-2024-27804 Vulnerability in AppleAVD
https://github.com/R00tkitSMM/CVE-2024-27804
New Android Banking Trojan named Antidot Masquerades as Fake Google Play Updates
https://cyble.com/blog/new-antidot-android-banking-trojan-masquerading-as-google-play-updates/
Cyble
New Antidot Trojan Disguised As Fake Google Play Updates
Discover the 'Antidot' Android Banking Trojan: a fake Google Play update that steals credentials using overlay attacks and remote control techniques.
Mobile Malware Analysis of Android banking trojan Blackrock
https://8ksec.io/mobile-malware-analysis-part-7-blackrock/
8kSec - 8kSec is a cybersecurity research & training company. We provide high-quality training & consulting services.
Mobile Malware Analysis Part 7 – Blackrock - 8kSec
Read part - 7 of our mobile malware series to learn about Blackrock Malware and tricks it uses like messing with accessibility settings. Read more now!
Fuzzing Android binaries using AFL++ Frida Mode
https://valsamaras.medium.com/fuzzing-android-binaries-using-afl-frida-mode-57a49cf2ca43
Medium
Fuzzing Android binaries using AFL++ Frida Mode
You might find this to be a fitting prologue to my earlier post on Creating and using JVM instances in Android C/C++ applications… and you…
Android Firedown Browser app allows a remote attacker to execute arbitrary JavaScript code via an implicit intent (CVE-2024-31974)
https://github.com/actuator/com.solarized.firedown/blob/main/CVE-2024-31974
GitHub
com.solarized.firedown/CVE-2024-31974 at main · actuator/com.solarized.firedown
CVE-2024-31974. Contribute to actuator/com.solarized.firedown development by creating an account on GitHub.
Technical Analysis of Anatsa (a.k.a. TeaBot) Campaigns: An Android Banking Malware Active in the Google Play Store
https://www.zscaler.com/blogs/security-research/technical-analysis-anatsa-campaigns-android-banking-malware-active-google
Zscaler
Anatsa Campaign Technical Analysis | ThreatLabz
Explore how Anatsa distributes Android malware by using PDF and QR code reader decoys to lure victims through the Google Play store.