LianSpy: new Android spyware targeting Russian users
https://securelist.com/lianspy-android-spyware/113253/
https://securelist.com/lianspy-android-spyware/113253/
Securelist
LianSpy: Android spyware leveraging Yandex Disk as C2
Previously unknown spyware LianSpy targets Android devices by exploiting root privileges to steal data and leveraging Yandex Disk cloud service as C2.
๐ฉ8๐5๐3๐ฅฑ3
Google fixed Kernel RCE vulnerability in Android (CVE-2024-36971) that was most-likely used for targeted exploitation
https://source.android.com/docs/security/bulletin/2024-08-01
https://source.android.com/docs/security/bulletin/2024-08-01
๐คก13๐4โค1
5GBaseChecker: a security analysis framework that helps to hunt for 5G vulnerabilities
https://github.com/SyNSec-den/5GBaseChecker
https://github.com/SyNSec-den/5GBaseChecker
GitHub
GitHub - SyNSec-den/5GBaseChecker
Contribute to SyNSec-den/5GBaseChecker development by creating an account on GitHub.
๐10๐3โค2๐2๐1
The Way to Android Root: Exploiting Your GPU On Smartphone (CVE-2024-23380)
[slides] https://i.blackhat.com/BH-US-24/Presentations/REVISED_US24-Gong-The-Way-to-Android-Root-Wednesday.pdf
[slides] https://i.blackhat.com/BH-US-24/Presentations/REVISED_US24-Gong-The-Way-to-Android-Root-Wednesday.pdf
๐11๐ฑ2๐ฅ1๐1๐1
Dynamic Analysis Technique of Android Malware by Injecting Smali Gadgets
Patch APK with logcat output as alternative to using Frida
https://blogs.jpcert.or.jp/en/2024/08/smaligadget.html
Patch APK with logcat output as alternative to using Frida
https://blogs.jpcert.or.jp/en/2024/08/smaligadget.html
JPCERT/CC Eyes
Dynamic Analysis Technique of Android Malware by Injecting Smali Gadgets - JPCERT/CC Eyes
When dynamically analyzing Android malware, it is currently difficult to follow its code using debuggers unlike Windows malware. Although there is a technique [1] to hook a method dynamically by Frida [2], obtaining the in-progress state of the method is...
๐คก11๐คฃ9โค8๐6๐ฉ6๐2
Android Game Hacking: Increase money in Dude Theft Wars Shooting
https://8ksec.io/hacking-android-games/
https://8ksec.io/hacking-android-games/
8kSec - 8kSec is a cybersecurity research & training company. We provide high-quality training & consulting services.
Hacking Android Games - 8kSec
Learn the process involved in hacking Android games and learn how to distinguish between app hacking and game hacking within the Android ecosystem.
๐ฅ17๐2
Android Vulnerability Impacting Millions of Pixel Devices Around the World
https://iverify.io/blog/iverify-discovers-android-vulnerability-impacting-millions-of-pixel-devices-around-the-world
https://iverify.io/blog/iverify-discovers-android-vulnerability-impacting-millions-of-pixel-devices-around-the-world
iverify.io
iVerify Discovers Android Vulnerability Impacting Millions of Pixel Devices Around the World
iVerify discovered an Android package, with excessive system privileges on a very large percentage of Pixel devices shipped worldwide.
๐คฎ7๐3๐1
Exploiting Androidโs Hardened Memory Allocator
PoC: https://github.com/HexHive/scudo-exploitation
Paper: https://nebelwelt.net/publications/files/24WOOT.pdf
PoC: https://github.com/HexHive/scudo-exploitation
Paper: https://nebelwelt.net/publications/files/24WOOT.pdf
GitHub
GitHub - HexHive/scudo-exploitation
Contribute to HexHive/scudo-exploitation development by creating an account on GitHub.
๐8๐ฅ5
Media is too big
VIEW IN TELEGRAM
RCE on Xiaomi 13 Pro (CVE-2023-26324)
๐Exploitation:
1) Open URL in WebView
2) Inject JavaScript
3) Execute JavaScript Interface functions from vulnerable GetApps to install & launch payload
4) Get shell
๐Slides with PoC: https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20presentations/DEF%20CON%2032%20-%20Ken%20Gannon%20Ilyes%20Beghdadi%20-%20Xiaomi%20The%20Money%20Our%20Toronto%20Pwn2Own%20Exploit%20and%20Behind%20The%20Scenes%20Story.pdf
๐Exploitation:
1) Open URL in WebView
2) Inject JavaScript
3) Execute JavaScript Interface functions from vulnerable GetApps to install & launch payload
4) Get shell
๐Slides with PoC: https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20presentations/DEF%20CON%2032%20-%20Ken%20Gannon%20Ilyes%20Beghdadi%20-%20Xiaomi%20The%20Money%20Our%20Toronto%20Pwn2Own%20Exploit%20and%20Behind%20The%20Scenes%20Story.pdf
๐ฅ28๐7๐2
Exploiting Bluetooth: From your car to the bank account
Defcon slides: https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20presentations/DEF%20CON%2032%20-%20Vladyslav%20Zubkov%20Martin%20Strohmeier%20-%20Exploiting%20Bluetooth%20-%20from%20your%20car%20to%20the%20bank%20account%24%24.pdf
Defcon slides: https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20presentations/DEF%20CON%2032%20-%20Vladyslav%20Zubkov%20Martin%20Strohmeier%20-%20Exploiting%20Bluetooth%20-%20from%20your%20car%20to%20the%20bank%20account%24%24.pdf
๐ฅ14๐5โค2๐1
The ColorOS Internet Browser (com.heytap.browser) app for Android allows a remote attacker to execute arbitrary JavaScript code
PoC: https://github.com/actuator/com.heytap.browser
PoC: https://github.com/actuator/com.heytap.browser
GitHub
GitHub - actuator/com.heytap.browser: CVE-2024-23729
CVE-2024-23729. Contribute to actuator/com.heytap.browser development by creating an account on GitHub.
๐12๐ฅ3
Sophisticated phishing method targeted mobile users via Progressive Web Apps (iOS, Android) and WebAPKs (Android) to mimic banking apps. Installing WebAPK apps doesn't warn the victim about installing a third-party application and they even appear to have been installed from the Google Play store
https://www.welivesecurity.com/en/eset-research/be-careful-what-you-pwish-for-phishing-in-pwa-applications/
https://www.welivesecurity.com/en/eset-research/be-careful-what-you-pwish-for-phishing-in-pwa-applications/
Welivesecurity
Be careful what you pwish for โ Phishing in PWA applications
ESET Research uncovers a novel method of phishing; targeting Android and iOS users via PWAs, and on Android also WebAPKs, without warning the user about installing a third-party app.
๐8๐5
New Android malware - NGate - relays NFC data from victimsโ payment cards, via victimsโ compromised mobile phones, to attacker's device waiting at an ATM to withdraw cash
https://www.welivesecurity.com/en/eset-research/ngate-android-malware-relays-nfc-traffic-to-steal-cash/
https://www.welivesecurity.com/en/eset-research/ngate-android-malware-relays-nfc-traffic-to-steal-cash/
Welivesecurity
NGate Android malware relays NFC traffic to steal cash
ESET Research uncovers Android malware that relays NFC data from victimsโ payment cards, via victimsโ mobile phones, to the device of a perpetrator waiting at an ATM.
๐13๐6๐ฅ4โค1
Technical Analysis of Copybara
https://threatlabz.zscaler.com/blogs/security-research/technical-analysis-copybara
https://threatlabz.zscaler.com/blogs/security-research/technical-analysis-copybara
๐7
How to root an Android device for analysis and vulnerability assessment
https://www.pentestpartners.com/security-blog/how-to-root-an-android-device-for-analysis-and-vulnerability-assessment/
https://www.pentestpartners.com/security-blog/how-to-root-an-android-device-for-analysis-and-vulnerability-assessment/
Pen Test Partners
How to root an Android device for analysis and vulnerability assessment | Pen Test Partners
TL;DR Introduction For mobile testing, be it for apps or hardware, having complete control over the device is essential for analysis and vulnerability assessment. Rooting an Android device allows us to gain root privileges, giving us full access to the OSโฆ
๐ฅ13๐8๐คก4
Intercepting iHealth app traffic with Caido and Frida
iHealth Nexus Pro Body Composition Scale only communicates via Bluetooth Low Energy (BLE) to a iHealth mobile app
Blog: https://brownfinesecurity.com/blog/intercepting-mobile-traffic-with-caido-and-frida/
Video: https://youtu.be/GvRi7chKMPI
iHealth Nexus Pro Body Composition Scale only communicates via Bluetooth Low Energy (BLE) to a iHealth mobile app
Blog: https://brownfinesecurity.com/blog/intercepting-mobile-traffic-with-caido-and-frida/
Video: https://youtu.be/GvRi7chKMPI
Brownfinesecurity
Intercepting Mobile Application Traffic with Caido and Frida - Brown Fine Security
๐ฅ10๐4
Critical Zip Slip Vulnerability Discovered in Mobile Security Framework (MobSF) could allow malicious actors to execute code remotely on servers running MobSF (CVE-2024-43399)
https://securityonline.info/cve-2024-43399-critical-zip-slip-vulnerability-discovered-in-mobile-security-framework-mobsf
https://securityonline.info/cve-2024-43399-critical-zip-slip-vulnerability-discovered-in-mobile-security-framework-mobsf
Daily CyberSecurity
CVE-2024-43399: Critical Zip Slip Vulnerability Discovered in Mobile Security Framework (MobSF)
Discover the critical vulnerability in MobSF - CVE-2024-43399. Find out how this flaw could lead to remote code execution and the potential impact on app security.
๐ฅ25๐3โค2
Rocinante: Analysis of new Android banking trojan
https://www.threatfabric.com/blogs/the-trojan-horse-that-wanted-to-fly-rocinante
https://www.threatfabric.com/blogs/the-trojan-horse-that-wanted-to-fly-rocinante
ThreatFabric
Rocinante: The trojan horse that wanted to fly
New DTO malware appears in Brazil, posing as security updates and banking applications.
๐11๐3โค1
Reverse Engineering Obfuscated Flutter App
https://youtu.be/0uUSwMg2suk
https://youtu.be/0uUSwMg2suk
YouTube
Reverse Engineering Obfuscated Flutter App
#flutterobfuscatedapp #mobilesecurity #dartdecompilation #dartobjectpool #reverse-engineering
Hello everyone and welcome to another video on Flutter by FatalSec. In this video we are gonna learn how to deal with an obfuscated flutter application by resolvingโฆ
Hello everyone and welcome to another video on Flutter by FatalSec. In this video we are gonna learn how to deal with an obfuscated flutter application by resolvingโฆ
๐24โค1
New Phishing Campaign Spreads EagleSpy Android Malware
https://www-d3lab-net.translate.goog/nuova-campagna-di-phishing-diffonde-malware-android-eaglespy/?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en
https://www-d3lab-net.translate.goog/nuova-campagna-di-phishing-diffonde-malware-android-eaglespy/?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en
D3Lab
Nuova Campagna di Phishing diffonde malware Android EagleSpy
Una recente campagna di phishing sta diffondendo il malware Android EagleSpy, un potente RAT in grado di rubare dati sensibili attraverso false app bancarie. Analizziamo le somiglianze tecniche con SpyNote e CraxsRAT, rivelando le sofisticate tecniche diโฆ
๐8๐3
GPUAF Using a general GPU exploit tech to attack Pixel 8
We developed an advanced exploit technique capable of transforming a conventional out-of-bounds (OOB) bug into a more potent exploit primitive, specifically a page Use-After-Free (UAF). Utilizing this technique, we successfully exploited a vulnerability in the Pixel series, achieving Kernel Code Execution.
https://www.youtube.com/watch?v=Mw6iCqjOV9Q
We developed an advanced exploit technique capable of transforming a conventional out-of-bounds (OOB) bug into a more potent exploit primitive, specifically a page Use-After-Free (UAF). Utilizing this technique, we successfully exploited a vulnerability in the Pixel series, achieving Kernel Code Execution.
https://www.youtube.com/watch?v=Mw6iCqjOV9Q
YouTube
Off-By-One 2024 Day 1 - GPUAF Using a general GPU exploit tech to attack Pixel8
Abstract
Last year, we developed an advanced exploit technique capable of transforming a conventional out-of-bounds (OOB) bug into a more potent exploit primitive, specifically a page Use-After-Free (UAF). Utilizing this technique, we successfully exploitedโฆ
Last year, we developed an advanced exploit technique capable of transforming a conventional out-of-bounds (OOB) bug into a more potent exploit primitive, specifically a page Use-After-Free (UAF). Utilizing this technique, we successfully exploitedโฆ
๐ฅ14๐3