TOAD attacks: Vishing combined with Android banking malware now targeting Italian banks
https://www.threatfabric.com/blogs/toad-fraud.html
ThreatFabric
ThreatFabric's analysts uncovered a network of phishing websites targeting Italian online-banking users and aiming to steal their banking credentials.
Forwarded from The Bug Bounty Hunter
Meta iOS Hacking talk from BountyCon by @phwd_
https://docs.google.com/presentation/d/1PPsyLhTxMAk1IyIp6p5ls0dhnqm3xVQKb8rE9z-N548/
Google Docs
Meta iOS Hunting
Banking trojans disguised as shopping apps attack Malaysian Android users
https://news.drweb.com/show/?i=14585&lng=en
Dr.Web
Doctor Web reports on the discovery of banking trojan apps that target Malaysian users. Malicious actors distribute them as mobile shopping apps. Unlike many other bankers, these not only have icons and basic store names, but also work just like such apps…
New Malicious Clicker found in apps installed by 20M+ users
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/new-malicious-clicker-found-in-apps-installed-by-20m-users/
McAfee Blog
New Malicious Clicker found in apps installed by 20M+ users | McAfee Blog
Authored by SangRyol Ryu. Cybercriminals are always after illegal advertising revenue. As we have previously reported, we have seen many mobile malwares
Domestic Kitten campaign spying on Iranian citizens with new FurBall malware (APT-C-50)
https://www.welivesecurity.com/2022/10/20/domestic-kitten-campaign-spying-iranian-citizens-furball-malware/
WeLiveSecurity
Domestic Kitten campaign spying on Iranian citizens with new FurBall malware
APT-C-50's Domestic Kitten campaign continues, targeting Iranian citizens with a new version of the FurBall malware posing as an Android translation app.
Unveil the evolution of Kimsuky targeting Android devices with newly discovered mobile malware
https://medium.com/s2wblog/unveil-the-evolution-of-kimsuky-targeting-android-devices-with-newly-discovered-mobile-malware-280dae5a650f
Medium
Author: Sebin, Lee & Yeongjae, Shin | S2W TALON
SiriSpy - iOS bug allowed apps to eavesdrop on your conversations with Siri (CVE-2022-32946 - $7000 bounty)
"Any app with access to Bluetooth could record your conversations with Siri and audio from the iOS keyboard dictation feature when using AirPods or Beats headsets."
https://rambo.codes/posts/2022-10-25-sirispy-ios-bug-allowed-apps-to-eavesdrop
Rambo Codes
SiriSpy - iOS bug allowed apps to eavesdrop on your conversations with Siri | Rambo Codes
Gui Rambo writes about his coding and reverse engineering adventures.
In Android Authority poll, 19.72% out of 3,300 voters stated their Android is rooted
https://www.androidauthority.com/android-phone-rooted-poll-results-3225345/
Android Authority
We asked, you told us: Your Android phone definitely isn't rooted
There are many reasons to root your Android phone, but it turns out that most polled readers don't have a rooted daily driver.
Analysis of ERMAC 2.0: Evades MFA to Steal Banking Credentials of Over 400 Android Apps
https://quointelligence.eu/2022/10/new-ermac-2-0/
QuoIntelligence
ERMAC 2.0 Evades MFA to Steal Banking Credentials of Over 400 Android Apps
New ERMAC (2.0) Evades MFA to Steal Banking Credentials of Over 400 Android Apps, Android trojans continue to proliferate and evolve.
Malware wars: the attack of the droppers (Sharkbot, Vultur)
https://www.threatfabric.com/blogs/the-attack-of-the-droppers.html
Threatfabric
Malware wars: the attack of the droppers
ThreatFabric's analysts discovered multiple new droppers on Google Play Store distributing banking Trojans.
A TECHNICAL ANALYSIS OF PEGASUS FOR ANDROID – PART 3
https://cybergeeks.tech/a-technical-analysis-of-pegasus-for-android-part-3/
A vulnerability in the Galaxy Store allows attackers through an XSS to cause the store to install and launch an application
https://ssd-disclosure.com/ssd-advisory-galaxy-store-applications-installation-launching-without-user-interaction/
SSD Secure Disclosure
SSD Advisory – Galaxy Store Applications Installation/Launching without User Interaction - SSD Secure Disclosure
A vulnerability in the Galaxy Store allows attackers through an XSS to cause the store to install and/or launch an application, allowing remote attackers to trigger a remote command execution in the phone.
Drinik Android Malware Returns With Advanced Capabilities Targeting Indian Taxpayers
https://blog.cyble.com/2022/10/27/drinik-malware-returns-with-advanced-capabilities-targeting-indian-taxpayers/
New SandStrike spyware infects Android devices via malicious VPN app
https://www.bleepingcomputer.com/news/security/new-sandstrike-spyware-infects-android-devices-via-malicious-vpn-app/
BleepingComputer
Threat actors are using a newly discovered spyware known as SandStrike and delivered via a malicious VPN application to target Persian-speaking Android users.
Malware on the Google Play store leads to harmful phishing sites
https://www.malwarebytes.com/blog/news/2022/11/malware-on-the-google-play-store-leads-to-harmful-phishing-sites
Malwarebytes
A family of malicious apps from developer Mobile apps Group are on Google Play infected with HiddenAds.
Pixel 6 bootloader: Emulation, ROP (part 2)
https://eshard.com/posts/pixel6bootloader-2
Analysis of SOVA Android Banking Trojan
https://kratikal.com/blog/sova-a-new-android-banking-trojan/
A Very Powerful Clipboard: Analysis of a Samsung in-the-wild exploit chain
https://googleprojectzero.blogspot.com/2022/11/a-very-powerful-clipboard-samsung-in-the-wild-exploit-chain.html
projectzero.google
A Very Powerful Clipboard: Analysis of a Samsung in-the-wild exploit chain - Project Zero
Posted by Maddie Stone, Project Zero. Note: The three vulnerabilities discussed in this blog were all fixed in Samsung's March 2021 release. They were...
Massive Phishing Campaigns Target India Banks' Clients
https://www.trendmicro.com/en_us/research/22/k/massive-phishing-campaigns-target-india-banks-clients.html
Trend Micro