Subscription scam with 1,000,000+ installs. After start, it requests a 5-star rating and a €99,99 per year subscription. https://www.reddit.com/r/PlayStoreTrash/comments/csfp48/chinese_adware_how_does_it_work/
27 apps found on Google Play that prompt users to install a fake Google Play Store (adware).
These apps reached over 6,000 installs.
https://blogs.quickheal.com/alert-27-apps-found-google-play-store-prompt-install-fake-google-play-store/
Quick Heal Blog
Alert! 27 apps found on Google Play Store that prompt you to install Fake Google Play Store
Quick Heal Security Lab spotted 27 malicious apps of dropper category on official “Google Play Store”. These apps...
Forwarded from The Bug Bounty Hunter
Facebook Bug Bounty: Reading WhatsApp contacts list without unlocking the device
https://medium.com/@ar_arvind/facebook-bug-bounty-reading-whatsapp-contacts-list-without-unlocking-the-device-a40e9c660a42
Medium
WhatsApp Bug Bounty: Reading contacts list without unlocking the device
A bug allows anyone who has the victim’s phone to read all their contact list without unlocking the security lock
Introducing a new #Android #malware analysis platform!
Upload APK, detect malware and grab its configuration.
Currently open for trusted researchers only.
https://www.apkdetect.com/
Microsoft Patches Vulnerable Android Remote Desktop App
https://www.bleepingcomputer.com/news/security/microsoft-patches-vulnerable-android-remote-desktop-app/
BleepingComputer
Microsoft Patches Vulnerable Android Remote Desktop App
Microsoft updated the security advisory of an information disclosure vulnerability that previously impacted only Windows Remote Desktop Protocol clients to also include the Microsoft Remote Desktop for Android app.
First known spyware that is built on the AhMyth open-source espionage tool and has appeared on Google Play – twice
https://www.welivesecurity.com/2019/08/22/first-spyware-android-ahmyth-google-play/
WeLiveSecurity
First‑of‑its‑kind spyware sneaks into Google Play
ESET research breaks down the first known spyware that is built on the AhMyth open-source espionage tool and has appeared on Google Play – twice.
One Bug To Rule Them All: Modern Android Password Managers and FLAG_SECURE Misuse
https://blog.doyensec.com/2019/08/22/modern-password-managers-flag-secure.html
Doyensec
One Bug To Rule Them All: Modern Android Password Managers and FLAG_SECURE Misuse
A few months ago I stumbled upon a 2016 blog post by Mark Murphy, warning about the state of FLAG_SECURE window leaks in Android. This class of vulnerabilities has been around for a while, hence I wasn’t confident that I could still leverage the same weakness…
CVE-2019-8646 is a vulnerability in iMessage that can allow memory to be leaked and files to be read remotely from a device.
Demo: https://youtu.be/br2xCvtVFn4
Research: https://googleprojectzero.blogspot.com/2019/08/the-many-possibilities-of-cve-2019-8646.html
YouTube
iPhone Remote File Read Demo
A demo of CVE-2019-8646, retrieving an image from a remote device's messages
Telegram bug discloses phone numbers of any users in public groups.
Not fixed yet.
Allegedly exploited by government sponsored attack against Hong Kong protesters.
https://docs.google.com/document/d/e/2PACX-1vRx2wO2kj0axlQtv2CDSjPGlRKJOHtucvpOKGFKybh2eVVGZqvt_JJv-2Q11NHn5Y4um_F4-bgA6q5v/pub
Forwarded from The Bug Bounty Hunter
[iOS Application Security] Jailbreak 12.4 and SSL pinning bypass | How to set up your iOS Testing Lab
https://medium.com/@yogendra_h1/ios-application-security-jailbreak-12-4-5e3fc0dc0726
Medium
[iOS Application Security] Jailbreak 12.4
Hello Everyone — Long time no see!
Riltok - Android banking Trojan spreads in France 🇫🇷 via SMS
https://twitter.com/benkow_/status/1165905380402171905?s=19
Twitter
Benkøw moʞuƎq
#Riltok #Android still around in France http://karambga3j. net/3lfk3jGj/fKJh3jKLO/login.php f51a27163cb0ddd08caa29d865b9f238848118ba2589626af711330481b352df
Forwarded from The Bug Bounty Hunter
Hail Frida!! The Universal SSL pinning bypass for Android applications
https://medium.com/@ved_wayal/hail-frida-the-universal-ssl-pinning-bypass-for-android-e9e1d733d29
Medium
Hail Frida!! The Universal SSL pinning bypass for Android applications
In this article, I’ll explain how to bypass SSL pinning of any android application using frida framework.
Solving Android CTF from BSidesSF2019
https://aadityapurani.com/2019/03/07/bsidessf-ctf-2019-mobile-track/
Aaditya Purani - Hacker
[BSidesSF CTF 2019] – Mobile Track
Introduction BSIDES CTF 2019 was hosted by Google and Facebook in San Francisco during the BSides Conference. Teams from all over the world could compete, but the prizes can only be claimed by team…
Bypass passcode protection in NextCloud Android app
https://hackerone.com/reports/631206
HackerOne
Nextcloud disclosed on HackerOne: Passcode Protection in Android...
###What is The Vulnerability?
The Passcode can be bypassed by calling a MainLoginActivity which is com.owncloud.android.ui.activity.FileDisplayActivity, We have successfully bypassed the passcode...
Android Trojan Dropper - xHelper
https://blog.malwarebytes.com/android/2019/08/mobile-menace-monday-android-trojan-raises-xhelper/
Malwarebytes Labs
Mobile Menace Monday: Android Trojan raises xHelper Malwarebytes Labs
Since its introduction in May 2019, the xHelper dropper, an Android Trojan, has climbed to our top 10 list of most detected mobile malware.
Tests of some Android antiviruses (Banking, Trojans, Spyware, PUAs, SMS)
https://www.mrg-effitas.com/wp-content/uploads/2019/08/Android360_2019q2_7.pdf
Trojan found in CamScanner – Phone PDF creator app with 100,000,000+ installs on Google Play
This Trojan downloads a malicious payload from the developer's server.
https://securelist.com/dropper-in-google-play/92496/
Securelist
An advertising dropper in Google Play
Recently, the popular CamScanner – Phone PDF creator app caught our attention. After analyzing the app, we saw that the developer added an advertising library to it that contains a malicious dropper component.
Two fake phishing apps found on Google Play. Both of them request the user's credit card details. They target Brazilian 🇧🇷 users.
Pernambucanas - Cupons - 100+ installs
Midway Acesso (impersonates Riachuelo) - 5+ installs
https://twitter.com/silvaaa_anne/status/1166435030182313985?s=19
https://twitter.com/silvaaa_anne/status/1166407382840168449?s=19
Twitter
Anne Silva
Another Malicious App targeting Pernambucanas clients: https://t.co/vcZjTNDDeB @assolini @defesa_digital @Android @GooglePlay @emilio_simoni