Analysis of Android SpyNote spyware targeting Indian Railway Catering and Tourism Corporation (IRCTC) users
https://labs.k7computing.com/index.php/spynote-targets-irctc-users/
https://labs.k7computing.com/index.php/spynote-targets-irctc-users/
K7 Labs
SpyNote targets IRCTC users
We at K7 Labs, recently came across an email message as shown in Figure 1, from Indian Railway Catering and [โฆ]
๐9
GSMA Mobile Telecommunications Security Landscape in 2022
(ransomware, malware, smsishing, spyware, SIM swap, eSIM fraud, supply chain attacks, critical national infrastructure attacks, human threat...)
https://www.gsma.com/security/wp-content/uploads/2023/02/GSMA-Mobile-Telecommunications-Security-Landscape-2023_v1_for-website.pdf
(ransomware, malware, smsishing, spyware, SIM swap, eSIM fraud, supply chain attacks, critical national infrastructure attacks, human threat...)
https://www.gsma.com/security/wp-content/uploads/2023/02/GSMA-Mobile-Telecommunications-Security-Landscape-2023_v1_for-website.pdf
๐8โค2
Three ways how to dynamically load code into an Android application at runtime
https://erev0s.com/blog/3-ways-for-dynamic-code-loading-in-android/
https://erev0s.com/blog/3-ways-for-dynamic-code-loading-in-android/
Erev0S
3 ways for Dynamic Code Loading in Android
erev0s blog for cyber security and more
๐12๐1
DroidFrida: Android app for executing frida scripts directly on your android device
https://github.com/ac3ss0r/DroidFrida/
https://github.com/ac3ss0r/DroidFrida/
GitHub
GitHub - ac3ss0r/DroidFrida: Portable frida injector for rooted android devices.
Portable frida injector for rooted android devices. - ac3ss0r/DroidFrida
๐27๐คฎ4
JAMBOREE: Portable all in one tool to install essential Android tools (Java, Android tools, Magisk, BurpSuit, Objection, Root Emulator, Frida etc.)
https://github.com/freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy
https://github.com/freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy
GitHub
GitHub - freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy: Java Android Magisk Burp Objection Root Emulator Easyโฆ
Java Android Magisk Burp Objection Root Emulator Easy (JAMBOREE) - freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy
๐14โค1
I/O 2023: What's new in Android security and privacy
-Safe Browsing: faster more intelligent protection
-Passkeys helps move users beyond passwords
-new API that lets developers limit accessibility services from interacting with their apps
-Data safety section in Google Play last year to help you see how developers collect, share, and protect user data
-Better control and protection over your photos and videos
https://security.googleblog.com/2023/05/io-2023-android-security-and-privacy.html.html
-Safe Browsing: faster more intelligent protection
-Passkeys helps move users beyond passwords
-new API that lets developers limit accessibility services from interacting with their apps
-Data safety section in Google Play last year to help you see how developers collect, share, and protect user data
-Better control and protection over your photos and videos
https://security.googleblog.com/2023/05/io-2023-android-security-and-privacy.html.html
Google Online Security Blog
I/O 2023: What's new in Android security and privacy
Posted by Ronnie Falcon, Product Manager Android is built with multiple layers of security and privacy protections to help keep you, your...
๐16๐ฅ1๐ฅฐ1๐1
Advanced Frida Usage Part 1 โ iOS Encryption Libraries
https://8ksec.io/advanced-frida-usage-part-1-ios-encryption-libraries-8ksec-blogs/
https://8ksec.io/advanced-frida-usage-part-1-ios-encryption-libraries-8ksec-blogs/
๐12โค1
Converso app: How I accidentally breached a nonexistent database and found every private key in a 'state-of-the-art' encrypted messenger called Converso
https://crnkovic.dev/testing-converso/
https://crnkovic.dev/testing-converso/
crnkovic.dev
Testing a new encrypted messaging app's extraordinary claims
How I breached a nonexistent database and found every private key in a 'state-of-the-art' encrypted messenger.
๐13๐ฅ7
Multiple Vulnerabilities in Kiddoware Kids Place Parental Control Android App (CVE-2023-28153, CVE-2023-29078, CVE-2023-29079)
1) Login and registration returns password as MD5 hash
2) Stored XSS via device name in parent Dashboard
3) Possible CSRF attacks in parent Dashboard
4) Arbitrary File Upload to AWS S3 bucket
5) Disable Child App Restriction without Parent's notice
https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-kiddoware-kids-place-parental-control-android-app/
1) Login and registration returns password as MD5 hash
2) Stored XSS via device name in parent Dashboard
3) Possible CSRF attacks in parent Dashboard
4) Arbitrary File Upload to AWS S3 bucket
5) Disable Child App Restriction without Parent's notice
https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-kiddoware-kids-place-parental-control-android-app/
SEC Consult
Multiple Vulnerabilities in Kiddoware Kids Place Parental Control Android App
Multiple vulnerabilities have been identified in the Kiddoware Kids Place Parental Control Android App. Users of the parent's web dashboard can be attacked via cross site scripting or cross site request forgery vulnerabilities, or attackers may upload arbitraryโฆ
๐14โค2๐ค1
Revisiting Stealthy Sensitive Information Collection from Android Apps [slides] #BlackHatAsia23
https://i.blackhat.com/Asia-23/AS-23-Bai-Stealthy-Sensitive-Information-Collection-from-Android-Apps.pdf
https://i.blackhat.com/Asia-23/AS-23-Bai-Stealthy-Sensitive-Information-Collection-from-Android-Apps.pdf
๐7
Two Bugs With One PoC: Rooting Pixel 6 From Android 12 to Android 13 [slides] #BlackHatAsia23
https://i.blackhat.com/Asia-23/AS-23-WANG-Two-bugs-with-one-PoC-Rooting-Pixel-6-from-Android-12-to-Android-13.pdf
https://i.blackhat.com/Asia-23/AS-23-WANG-Two-bugs-with-one-PoC-Rooting-Pixel-6-from-Android-12-to-Android-13.pdf
๐7
Dirty Stream Attack, Turning Android Share Targets Into Attack Vectors [slides] #BlackHatAsia23
https://i.blackhat.com/Asia-23/AS-23-Valsamaras-Dirty-Stream-Attack-Turning-Android.pdf
https://i.blackhat.com/Asia-23/AS-23-Valsamaras-Dirty-Stream-Attack-Turning-Android.pdf
๐9โค2
Weaponizing Mobile Infrastructure: Are Politically Motivated Cyber Attacks a Threat to Democracy? [slides] #BlackHatAsia23
https://i.blackhat.com/Asia-23/AS-23-Saleem-Weaponizing-mobile-Infrastructure.pdf
https://i.blackhat.com/Asia-23/AS-23-Saleem-Weaponizing-mobile-Infrastructure.pdf
๐8
Lemon Groupโs Cybercriminal Businesses Built on Preinfected Devices
https://www.trendmicro.com/en_us/research/23/e/lemon-group-cybercriminal-businesses-built-on-preinfected-devices.html
https://www.trendmicro.com/en_us/research/23/e/lemon-group-cybercriminal-businesses-built-on-preinfected-devices.html
Trend Micro
Lemon Groupโs Cybercriminal Businesses Built on Preinfected Devices
An overview of the Lemon Groupโs use of preinfected mobile devices, and how this scheme is potentially being developed and expanded to other internet of things (IoT) devices. This research was presented in full at the Black Hat Asia 2023 Conference in Singaporeโฆ
๐12โค1
Hacking Chess.com: Unlocking Premium Bots on the Android App
https://medium.com/@icebre4ker/hacking-chess-com-my-journey-to-unlock-premium-bots-on-the-android-app-d8cac9d25094
https://medium.com/@icebre4ker/hacking-chess-com-my-journey-to-unlock-premium-bots-on-the-android-app-d8cac9d25094
Medium
Hacking Chess.com: My Journey to Unlock Premium Bots on the Android App
Introduction
๐17โค4๐ค1๐คฏ1
Racing Against the Lock: Exploiting Spinlock UAF in the Android Kernel
This paper presents an exploit for a unique Binder kernel use-after-free (UAF) vulnerability which was disclosed recently (CVE-2022-20421)
Write-up: https://0xkol.github.io/assets/files/Racing_Against_the_Lock__Exploiting_Spinlock_UAF_in_the_Android_Kernel.pdf
Slides: https://0xkol.github.io/assets/files/OffensiveCon23_Racing_Against_the_Lock__Exploiting_Spinlock_UAF_in_the_Android_Kernel.pdf
PoC: https://github.com/0xkol/badspin
This paper presents an exploit for a unique Binder kernel use-after-free (UAF) vulnerability which was disclosed recently (CVE-2022-20421)
Write-up: https://0xkol.github.io/assets/files/Racing_Against_the_Lock__Exploiting_Spinlock_UAF_in_the_Android_Kernel.pdf
Slides: https://0xkol.github.io/assets/files/OffensiveCon23_Racing_Against_the_Lock__Exploiting_Spinlock_UAF_in_the_Android_Kernel.pdf
PoC: https://github.com/0xkol/badspin
๐8
BrutePrint: Android phones are vulnerable to fingerprint brute-force attacks
https://arxiv.org/pdf/2305.10791.pdf
https://arxiv.org/pdf/2305.10791.pdf
๐14๐ค2
Emulating Android native library to decrypt strings using Qiling Framework
https://youtu.be/R1zWh3fbY24
https://youtu.be/R1zWh3fbY24
YouTube
Emulating Android library to decrypt strings (Qiling Framework)
#android #mobilesecurity #emulation #qilingframework #reversengineering #pentest
In this video we are going to see how to extract encrypted strings present inside a native library of an android app which are used in performing various environmental checksโฆ
In this video we are going to see how to extract encrypted strings present inside a native library of an android app which are used in performing various environmental checksโฆ
๐9
AhRat: Android RAT discovered on Google Play Store based on AhMyth RAT that exfiltrates files and records audio
https://www.welivesecurity.com/2023/05/23/android-app-breaking-bad-legitimate-screen-recording-file-exfiltration/
https://www.welivesecurity.com/2023/05/23/android-app-breaking-bad-legitimate-screen-recording-file-exfiltration/
WeLiveSecurity
Android app breaking bad: From legitimate screen recording to file exfiltration within a year
ESET research uncovers AhRat, a new Android RAT based on AhMyth that steals files and records audio and was distributed via an app in the Google Play Store.
๐10๐3
Google introduced Mobile VRP: Mobile Vulnerability Rewards Program (Mobile VRP) focuses on first-party Android applications developed or maintained by Google
https://bughunters.google.com/about/rules/6618732618186752/google-mobile-vulnerability-reward-program-rules
https://bughunters.google.com/about/rules/6618732618186752/google-mobile-vulnerability-reward-program-rules
Google
Google Mobile Vulnerability Reward Program Rules | Google Bug Hunters
Googleโs Mobile Vulnerability Rewards Program (Mobile VRP) focuses on first-party Android applications developed or maintained by Google. The Mobile VRP recognizes the contributions and hard work of researchers who help Google improve the security...
๐14๐4
A technical analysis of Intellexa's PREDATOR mobile spyware
https://blog.talosintelligence.com/mercenary-intellexa-predator/
https://blog.talosintelligence.com/mercenary-intellexa-predator/
Cisco Talos Blog
Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware
Commercial spyware use is on the rise, with actors leveraging these sophisticated tools to conduct surveillance operations against a growing number of targets. Cisco Talos has new details of a commercial spyware product sold by the spyware firm Intellexaโฆ
๐10๐ฅฐ1