Statistics and analysis of "Hqwar" Android Banking malware family
https://securelist.com/hqwar-the-higher-it-flies-the-harder-it-drops/93689/
Securelist
HQWar: the higher it flies, the harder it drops
Now one can say that only the lazy did not use Hqwar: Kaspersky's collection of viruses features over 200,000 Trojans packed using Hqwar.
Kernel privilege escalation bug in Android affecting fully patched Pixel 2 & others
The bug was allegedly being used or sold by the NSO Group.
Local PoC exploit included. CVE-2019-2215
https://bugs.chromium.org/p/project-zero/issues/detail?id=1942
Spy campaign against handpicked political and social activists, high-profile journalists and members of non-profit organizations in Egypt.
One of the spy apps was found on Google Play with 5,000+ installs.
https://research.checkpoint.com/the-eye-on-the-nile/
Check Point Research
The Eye on the Nile - Check Point Research
Introduction Back in March 2019, Amnesty International published a report that uncovered a targeted attack against journalists and human rights activists in Egypt. The victims even received an e-mail from Google warning them that government-backed attackers…
GEOST BOTNET - ANALYSIS OF A NEW ANDROID BANKING TROJAN FROM AN OPSEC ERROR
http://public.avast.com/research/VB2019-Garcia-etal.pdf
Signal Bug Could Have Let Hackers Listen to Android Users Via Microphone
https://www.vice.com/en_us/article/3kx7n8/signal-bug-could-have-let-hackers-listen-to-android-users-via-microphone
Vice
Google’s Project Zero recently reported the issue, which the Signal maintainers have now fixed.
Mobile Pentesting with Frida
https://drive.google.com/file/d/1JccmMLi6YTnyRrp_rk6vzKrUX3oXK_Yw/view
Automated Frida hook generation with JEB
https://bhamza.me/2019/10/06/Automated-Frida-hook-generation-with-JEB.html
jeb2frida: https://github.com/Hamz-a/jeb2frida
How to modify iOS app with Frida to use Meterpreter
https://sensepost.com/blog/2019/mettle-your-ios-with-frida/
A Run-Time Approach For Pen-Testing IOS Applications Part-II (Objection In Action)
https://blog.securelayer7.net/a-run-time-approach-for-pen-testing-ios-applications-part-ii-objection-in-action/
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
A run-time approach for pen-testing iOS applications Part-II (Objection in Action)
Objection in Action Once all things go right, we can inject Frida scripts into our target application. Open target application and enter following command in powershell objection -g...
Vulnerable Twitter API of iOS apps may lead to possible MITM attack
The Twitter Kit framework through 3.4.2 for iOS does not properly validate the api.twitter.com SSL certificate. CVE-2019-16263
https://blog.appicaptor.com/2019/10/04/vulnerable-library-warning-twitterkit-for-ios/
Fake Antivirus Found on Google Play 100,000+ Installs
https://twitter.com/ReBensk/status/1181544987151855616
Twitter
Re-ind
Fake-AV Found on Google Play 100,000+ Installs https://t.co/FTLbBdDMlQ
HiddenApp Trojans that hide their presence and display ads found on Google Play: 15 apps discovered with over 1,300,000 installs
https://news.sophos.com/en-us/2019/10/08/icon-hiding-android-adware-returns-to-the-play-market/
Sophos News
Icon-hiding Android adware returns to the Play Market
Adware apps attempt to evade easy removal by, literally, hiding their app icons from users
Doctor Web’s overview of malware detected on mobile devices in September 2019
https://news.drweb.com/show/?i=13446&lng=en
Dr.Web
Two spy apps that steal contact lists found on Google Play with 110+ installs
https://twitter.com/s_metanka/status/1181192866875559936
Twitter
smtnk
These two young apps on @GooglePlay steal the users' contact lists and leak them all (~3k unique records) via unprotected Firebase instances, mostly UAE/Pakistan/Saudi Arabia victims it seems. #Android #Malware https://t.co/6INCOHBiLE https://t.co/o1mPKjrHNr
New Joker Trojan app with 100,000+ installs found on Google Play
https://twitter.com/s_metanka/status/1181592422796664837
Twitter
smtnk
A new Joker app on @GooglePlay "Amusing game station" - 100,000+ installs. The loader is slightly improved, the core build is an old s8-7-release. Targets: GR,AT,DE,PK,UAE,BD,TH. Distribution C&C: doocims[.]com, main C&C: 18.139.46[.]15 https://t.co/NXfFLZz6rD…
Analysis of WhatsApp bug CVE-2019-3568
https://github.com/maddiestone/ConPresentations/blob/master/Jailbreak2019.WhatsUpWithWhatsApp.pdf
Google has removed 29 popular Android apps with more than 10 million total downloads from the Google Play store
https://m.gadgetsnow.com/slideshows/delete-these-29-popular-apps-from-your-android-phone-right-now/amp_photolist/71573856.cms
Gadgets Now
Delete these 29 popular apps from your Android phone right now | Gadgets Now
Adware app with 10,000+ installs on Google Play
https://twitter.com/ReBensk/status/1183742308652466178?s=19
Twitter
Re-ind
AdDisplay.Clevernet Malware Found on Google Play 10,000+ Installs Display Ads with full screen https://t.co/as6KAW65eY
Joker Trojan found on Google Play with 10,000+ installs
https://twitter.com/sh1shk0va/status/1184054662003134464?s=19
Twitter
Tatyana Shishkova
Yet another #Joker Trojan on Google Play. 10,000+ installs, contacts nichfyy[.]com, 52.77.93[.]217. https://t.co/PeUMxyCUbc