Mobile Cyberespionage Campaign Distributed Through #CallerSpy as a Targeted Attack
https://blog.trendmicro.com/trendlabs-security-intelligence/mobile-cyberespionage-campaign-distributed-through-callerspy-mounts-initial-phase-of-a-targeted-attack/
Trend Micro
Mobile Campaign Start Targeted Attacks Using CallerSpy
We found a new spyware family hosted on a phishing website that may initially be used for a targeted attack campaign. We first came across the threat in May via http://gooogle.press/ advertising a chat app called “Chatrious.”
Android StrandHogg vulnerability
Vulnerability allows malicious app to masquerade as any other app on the device.
So, if you launch Facebook, malware is executed.
https://promon.co/security-news/strandhogg/
Video demo: https://twitter.com/LukasStefanko/status/1201597521560244225
Exploiting unpatched Android StrandHogg vulnerability demo
https://youtu.be/yI0Xh5Oc0x4
YouTube
Android StrandHogg vulnerability demo | Exploit | PoC | Malware
Android StrandHogg vulnerability
Vulnerability allows malicious app to masquerade as any other app on the device.
If you launch Facebook, malware is executed.
The video shows a simple exploitation of the vulnerability.
More info: https://promon.co/security…
Analysis of Android Downloader Trojans
https://securityintelligence.com/posts/the-role-of-evil-downloaders-in-the-android-mobile-malware-kill-chain/
Security Intelligence
The Role of Evil Downloaders in the Android Mobile Malware Kill Chain
Malware on official mobile app stores is a growing concern for all users. Increasingly, malware developers are getting around sophisticated app store controls by using mobile malware downloaders.
[updated] Android App Reverse Engineering 101
https://maddiestone.github.io/AndroidAppRE/
Malicious Android apps observed during Thanksgiving season of 2019
https://securitynews.sonicwall.com/xmlpost/malicious-android-apps-observed-during-thanksgiving-season-of-2019/
Chasing the Joker
Android SMS subscription bot distributed over Google Play #slides
https://docs.google.com/presentation/d/1sFGAERaNRuEORaH06MmZKeFRqpJo1ol1xFieUa1X_OA/edit#slide=id.p1
Google Docs
Joker
Chasing the Joker
DeStroid
Fighting String Encryption in Android Malware
https://github.com/fkie-cad/DeStroid/blob/master/DeStroid_bonus_slides.pdf
GitHub
DeStroid/DeStroid_bonus_slides.pdf at master · fkie-cad/DeStroid
Fighting String Encryption in Android Malware. Contribute to fkie-cad/DeStroid development by creating an account on GitHub.
Forwarded from fs0c131y - Official Channel (Elliot Alderson)
Androids Invisible Foreground Services and
How to (Ab)use Them https://i.blackhat.com/eu-19/Thursday/eu-19-Sutter-Simple-Spyware-Androids-Invisible-Foreground-Services-And-How-To-Abuse-Them.pdf
Venus malware family found on Google Play targets carrier billing and advertising
https://www.evina.fr/evina-security-analyst-found-a-new-trojan-family-on-google-play/
SockPuppet: A Walkthrough of a Kernel Exploit for iOS 12.4
https://googleprojectzero.blogspot.com/2019/12/sockpuppet-walkthrough-of-kernel.html
Blogspot
SockPuppet: A Walkthrough of a Kernel Exploit for iOS 12.4
Posted by Ned Williamson, 20% on Project Zero Introduction I have a somewhat unique opportunity in this writeup to highlight my experie...
Doctor Web’s overview of mobile malware detected in November 2019
https://news.drweb.com/show/?i=13558&lng=en
Dr.Web
Doctor Web’s overview of mobile malware detected in November 2019
A detailed walk through of reverse engineering CVE-2019-3568 (WhatsApp 0-day from May)
Slides: https://github.com/maddiestone/ConPresentations/blob/master/Jailbreak2019.WhatsUpWithWhatsApp.pdf
Video: https://thecyberwire.com/stories/Maddie-Stone-Whatsup-with-WhatsApp-A-Detailed-Walk-Through-of-Reverse-Engineering-CVE-2019-3568.html
GitHub
ConPresentations/Jailbreak2019.WhatsUpWithWhatsApp.pdf at master · maddiestone/ConPresentations
Slide decks from my conference presentations. Contribute to maddiestone/ConPresentations development by creating an account on GitHub.
A Deep Dive into Reversing Android Pre-Installed Apps
https://youtu.be/U6qTcpCfuFc
Slides: https://github.com/maddiestone/ConPresentations/blob/master/Blackhat2019.SecuringTheSystem.pdf
YouTube
Securing the System: A Deep Dive into Reversing Android Pre-Installed Apps
This talk will detail the differences in reversing and analyzing pre-installed Android applications compared to the user-space applications that most security research has focused on. This will include things like identifying when a pre-installed application…
AndroidProjectCreator: Open an APK in Android Studio project
https://t.co/4diAmkM3oj?amp=1
Forwarded from fs0c131y - Official Channel (Elliot Alderson)
Frida API Fuzzer to fuzz APIs of Android apps https://github.com/andreafioraldi/frida-fuzzer
GitHub
GitHub - andreafioraldi/frida-fuzzer: This experimental fuzzer is meant to be used for API in-memory fuzzing.
Android Malware Sandbox
Modular sandbox for quickly sandboxing known or unknown families of Android malware
https://github.com/Areizen/Android-Malware-Sandbox
GitHub
GitHub - Areizen/Android-Malware-Sandbox: Android Malware Sandbox
Android Malware Sandbox. Contribute to Areizen/Android-Malware-Sandbox development by creating an account on GitHub.
Joker found on Google Play had victims in UAE
Android users in the UAE reported charges of more than AED 1000 per year from unwanted subscriptions
http://www.dubaichronicle.com/2019/12/14/uae-android-users-alert-scams-associated-with-mobile-apps/
Dubaichronicle
UAE Android Users Alert: Scams Associated With Mobile Apps
Android users in the UAE on the increase in the number of mobile scams and unwanted subscriptions on mobile phones.
Adware on Google Play in apps with more than 16,100,000 installs in total
https://twitter.com/sh1shk0va/status/1205510874250825728?s=19
Twitter
Tatyana Shishkova
#Adware on Google Play in apps with more than 16,100,000 installs in total. Thanks to Igor Golovin https://t.co/cK4uX6oRAj 10,000,000+ installs https://t.co/AssfFxA37Z 5,000,000+ installs https://t.co/pH0qLC0p25 1,000,000+ installs https://t.co/GrjBPpwaMg…
iOS Imgur app - A Realm database example
https://abrignoni.blogspot.com/2019/12/ios-imgur-app-realm-database-example.html
Blogspot
Initialization Vectors
Learning DFIR.