Android BasBanke: Behavior on infected device (distribution, install, phishing overlay)
https://youtu.be/IFAVLypbeF4
YouTube
Android banking Trojan BasBanke | Malware demo | infected device | Brazilian banker
How Android banking Trojan (BasBanke) behaves on real infected device.
Name BasBanke was picked by Kaspersky Lab because in 2018 this Trojan targeted Brazilian banking applications.
Technical details: https://lukasstefanko.com/2018/10/android-banking-malware…
Android Banking Trojan Targets Spanish, Portuguese Speaking Users
https://securityintelligence.com/posts/new-android-banking-trojan-targets-spanish-portuguese-speaking-users/
Security Intelligence
New Android Banking Trojan Targets Spanish, Portuguese Speaking Users
IBM X-Force recently analyzed a new Android banking Trojan dubbed "Banker.BR" that appears to be targeting users in Spain, Portugal, Brazil and other parts of Latin America.
Evil Eye Threat Actor Resurfaces with iOS Exploit and Updated Implant
https://www.volexity.com/blog/2020/04/21/evil-eye-threat-actor-resurfaces-with-ios-exploit-and-updated-implant/
Volexity
Evil Eye Threat Actor Resurfaces with iOS Exploit and Updated Implant
In September 2019, Volexity published Digital Crackdown: Large-Scale Surveillance and Exploitation of Uyghurs, which described a series of attacks against Uyghurs from multiple Chinese APT actors. The most notable threat […]
iOS RCE vulnerability enables an attacker to remotely infect a device by sending emails (0-click)
https://blog.zecops.com/vulnerabilities/unassisted-ios-attacks-via-mobilemail-maild-in-the-wild/
Jamf
Jamf Threat Labs | Blog
CVE-2020-0022 an Android 8.0-9.0 Bluetooth Zero-Click RCE – BlueFrag
https://insinuator.net/2020/04/cve-2020-0022-an-android-8-0-9-0-bluetooth-zero-click-rce-bluefrag/
How Anubis banking Trojan behaves on infected device
-distributed as fake Coronavirus map app
-targeted #Italy
-campaign active from 21.03.2020
-server included APK builder, with 130 already built APKs
-177 infected devices
https://youtu.be/U0UsfO-0uJM
YouTube
Android banking Trojan Anubis | Malware demo | infected device | covid19 | targets Italy
How Android banking Trojan (Anubis) behaves on real infected device
This particular Anubis was successfully distributed for almost a month via fake covid19 map website as fake map. The same way how I demonstrated in the video, were successfully infected…
New Character Bug in Messages Causing iOS Devices to Crash
https://www.macrumors.com/2020/04/23/ios-character-bug-device-crashes/
MacRumors
PSA: New Character Bug in Messages Causing iOS Devices to Crash [Updated]
There appears to be a new character-linked bug in Messages, Mail, and other apps that can cause the iPhone, iPad, Mac, and Apple Watch to crash when...
APKEnum: A Python Utility For APK Enumeration
https://medium.com/@shivsahni2/apkenum-a-python-utility-for-apk-enumeration-cce0eda6fa30
luject - a static injector of dynamic library for application
https://github.com/lanoox/luject
GitHub
GitHub - hack0z/luject: 🍹A static injector of dynamic library for application (android, iphoneos, macOS, windows, linux)
🍹A static injector of dynamic library for application (android, iphoneos, macOS, windows, linux) - hack0z/luject
Android App Reverse Engineering - Part 1
https://youtu.be/BijZmutY0CQ
YouTube
Android App Reverse Engineering LIVE! - Part 1
Live stream of teaching Part 1 of the Android App Reverse Engineering workshop on 24 April 2020 by Maddie Stone (@maddiestone). Workshop is available at https://maddiestone.github.io/AndroidAppRE
Donation Link for SF-Marin Foodbank: https://us-p2p.netdo…
Lucy’s Back: Ransomware Goes Mobile
https://research.checkpoint.com/2020/lucys-back-ransomware-goes-mobile/
Check Point Research
Lucy’s Back: Ransomware Goes Mobile - Check Point Research
Research by: Ohad Mana, Aviran Hazum, Bogdan Melnykov, Liav Kuperman Overview Ransomware attacks have been a part of the security landscape for a long time. We are familiar with infamous malware such as CryptoLocker, WannaCry and Ryuk, all of which have caused…
PhantomLance campaign analysis
https://securelist.com/apt-phantomlance/96772/
Securelist
Hiding in plain sight: PhantomLance walks into a market
In July 2019, a sophisticated backdoor trojan in Google Play was reported. We conducted an inquiry of our own, discovering a long-term campaign, which we dubbed “PhantomLance”.
How to hook Android Native methods with Frida (Noob Friendly)
https://erev0s.com/blog/how-hook-android-native-methods-frida-noob-friendly/
Erev0S
How to hook Android Native methods with Frida (Noob Friendly)
Hooking C/C++ code in Android application using Frida with introduction and explanations in every step - noob friendly
Android IPC: Part 1 - Introduction
https://blog.hacktivesecurity.com/index.php?controller=post&action=view&id_post=46
Android IPC: Part 2 - Binder and Service Manager Perspective
https://blog.hacktivesecurity.com/index.php?controller=post&action=view&id_post=48
Cerberus distributed over company's MDM server
https://research.checkpoint.com/2020/first-seen-in-the-wild-mobile-as-attack-vector-using-mdm/
Check Point Research
First seen in the wild - Malware uses Corporate MDM as attack vector - Check Point Research
Research by: Aviran Hazum, Bogdan Melnykov, Chana Efrati, Danil Golubenko, Israel Wernik, Liav Kuperman, Ohad Mana Overview: Check Point researchers discovered a new Cerberus variant which is targeting a multinational conglomerate, and is distributed by the…
EventBot: An Android Banking Trojan analysis
https://www.cybereason.com/blog/eventbot-a-new-mobile-banking-trojan-is-born
Cybereason
EventBot: A New Mobile Banking Trojan is Born
The Cybereason Nocturnus team is investigating EventBot, a new type of Android mobile malware. EventBot abuses accessibility features to steal user data from financial applications, read user SMS messages, and steal SMS messages to allow the malware to bypass…
Forwarded from The Bug Bounty Hunter
Stealing your SMS messages with iOS 0day
https://wojciechregula.blog/post/stealing-your-sms-messages-with-ios-0day/
wojciechregula.blog
Stealing your SMS messages with iOS 0day
This is a special post because I fully based on another researcher, s1guza’s 0day. All of this story began from the following tweet:
Siguza told us that his 0day was patched in the iOS 13.5 beta3. So this is actually a sandbox escape 0day for the newest,…
Popular Android malware threats - April, 2020
http://skptr.me/malware_timeline_2020.html
Samples: https://github.com/sk3ptre/AndroidMalware_2020
GitHub
GitHub - sk3ptre/AndroidMalware_2020: Popular Android malware seen in 2020
Popular Android malware seen in 2020. Contribute to sk3ptre/AndroidMalware_2020 development by creating an account on GitHub.
Xiaomi Recording Millions Of People’s ‘Private’ Web And Phone Use
https://www.forbes.com/sites/thomasbrewster/2020/04/30/exclusive-warning-over-chinese-mobile-giant-xiaomi-recording-millions-of-peoples-private-web-and-phone-use
Forbes
Exclusive: Warning Over Chinese Mobile Giant Xiaomi Recording Millions Of People’s ‘Private’ Web And Phone Use
Xiaomi is collecting users’ browser habits and phone usage, raising red flags for privacy researchers.