androidmalware | Unsorted

Telegram channel androidmalware - Android Security & Malware

40562

Mobile cybersecurity channel Links: https://linktr.ee/mobilehacker Contact: mobilehackerofficial@gmail.com


Android Security & Malware

Operation Triangulation: iOS devices targeted with previously unknown malware
This malware compromised several Kaspersky employees: The target iOS device receives a message via the iMessage service, with an attachment containing an exploit. Without any user interaction, the message triggers a vulnerability that leads to code execution.
https://securelist.com/operation-triangulation/109842/


Crash WhatsApp using one message
Video demo of how it is possible to crash a group chat using one message. If you open the chat, WhatsApp will always crash.
✅️ To temporarily fix the issue, you have to remove the crash message using WhatsApp Web
https://www.instagram.com/reel/Cs3iGe3ORuw/?igshid=MzRlODBiNWFlZA==


Android apps containing spyware: the SpinOk module was discovered in 101 apps on Google Play Store, with altogether 421,000,000+ installs
It can:
- exfiltrate a list of files in specified directories,
- verify the presence of a specified file or a directory on the device,
- exfiltrate a file from the device, and
- copy or substitute the clipboard contents
https://news.drweb.com/show/?lng=en&i=14705


Flipper Zero can root Xiaomi vacuum robot using USB UART app
https://www.reddit.com/r/flipperzero/comments/13sabij/flipper_zero_can_be_used_for_xiaomi_vaccum_robot/
Tutorial: https://builder.dontvacuum.me/dreame/


“FleeceGPT” mobile apps target AI-curious to rake in cash
https://news-sophos-com.cdn.ampproject.org/c/s/news.sophos.com/en-us/2023/05/17/fleecegpt-mobile-apps-target-ai-curious-to-rake-in-cash/


Google introduced Mobile VRP: Mobile Vulnerability Rewards Program (Mobile VRP) focuses on first-party Android applications developed or maintained by Google
https://bughunters.google.com/about/rules/6618732618186752/google-mobile-vulnerability-reward-program-rules


Emulating Android native library to decrypt strings using Qiling Framework
https://youtu.be/R1zWh3fbY24


Racing Against the Lock: Exploiting Spinlock UAF in the Android Kernel
This paper presents an exploit for a unique Binder kernel use-after-free (UAF) vulnerability which was disclosed recently (CVE-2022-20421)
Write-up: https://0xkol.github.io/assets/files/Racing_Against_the_Lock__Exploiting_Spinlock_UAF_in_the_Android_Kernel.pdf
Slides: https://0xkol.github.io/assets/files/OffensiveCon23_Racing_Against_the_Lock__Exploiting_Spinlock_UAF_in_the_Android_Kernel.pdf
PoC: https://github.com/0xkol/badspin


Lemon Group’s Cybercriminal Businesses Built on Preinfected Devices
https://www.trendmicro.com/en_us/research/23/e/lemon-group-cybercriminal-businesses-built-on-preinfected-devices.html


Dirty Stream Attack, Turning Android Share Targets Into Attack Vectors [slides] #BlackHatAsia23
http://i.blackhat.com/Asia-23/AS-23-Valsamaras-Dirty-Stream-Attack-Turning-Android.pdf


Revisiting Stealthy Sensitive Information Collection from Android Apps [slides] #BlackHatAsia23
https://i.blackhat.com/Asia-23/AS-23-Bai-Stealthy-Sensitive-Information-Collection-from-Android-Apps.pdf


Converso app: How I accidentally breached a nonexistent database and found every private key in a 'state-of-the-art' encrypted messenger called Converso
https://crnkovic.dev/testing-converso/


I/O 2023: What's new in Android security and privacy
- Safe Browsing: faster, more intelligent protection
- Passkeys help move users beyond passwords
- new API that lets developers limit accessibility services from interacting with their apps
- Data safety section in Google Play last year to help you see how developers collect, share, and protect user data
- Better control and protection over your photos and videos
http://security.googleblog.com/2023/05/io-2023-android-security-and-privacy.html.html


DroidFrida: Android app for executing Frida scripts directly on your Android device
https://github.com/ac3ss0r/DroidFrida/


GSMA Mobile Telecommunications Security Landscape in 2022
(ransomware, malware, smishing, spyware, SIM swap, eSIM fraud, supply chain attacks, critical national infrastructure attacks, human threat...)
https://www.gsma.com/security/wp-content/uploads/2023/02/GSMA-Mobile-Telecommunications-Security-Landscape-2023_v1_for-website.pdf


Beautifying Native Android Code in Ghidra!
We partially native APK, extract the native binaries, and analyze the native ELF binary
https://youtu.be/sK_jsQ5bJUk


Android DogeRAT: Technical analysis of open-source Android Remote Access Trojan (RAT)
https://cloudsek.com/blog/dogerat-the-android-malware-campaign-targeting-users-across-multiple-industries


Permhash: The permhash framework can be used to identify previously unknown APK, CRX, AXML samples through pivoting and clustering
Tool: https://github.com/google/permhash
Research: https://www.mandiant.com/resources/blog/permhash-no-curls-necessary


Daam (BouldSpy) Android Botnet recommendations from India CERT
https://www.csk.gov.in/alerts/Daam_android_botnet.html


A technical analysis of Intellexa's PREDATOR mobile spyware
https://blog.talosintelligence.com/mercenary-intellexa-predator/


AhRat: Android RAT discovered on Google Play Store based on AhMyth RAT that exfiltrates files and records audio
https://www.welivesecurity.com/2023/05/23/android-app-breaking-bad-legitimate-screen-recording-file-exfiltration/


BrutePrint: Android phones are vulnerable to fingerprint brute-force attacks
https://arxiv.org/pdf/2305.10791.pdf


Hacking Chess.com: Unlocking Premium Bots on the Android App
https://medium.com/@icebre4ker/hacking-chess-com-my-journey-to-unlock-premium-bots-on-the-android-app-d8cac9d25094


Weaponizing Mobile Infrastructure: Are Politically Motivated Cyber Attacks a Threat to Democracy? [slides] #BlackHatAsia23
http://i.blackhat.com/Asia-23/AS-23-Saleem-Weaponizing-mobile-Infrastructure.pdf


Two Bugs With One PoC: Rooting Pixel 6 From Android 12 to Android 13 [slides] #BlackHatAsia23
http://i.blackhat.com/Asia-23/AS-23-WANG-Two-bugs-with-one-PoC-Rooting-Pixel-6-from-Android-12-to-Android-13.pdf


Multiple Vulnerabilities in Kiddoware Kids Place Parental Control Android App (CVE-2023-28153, CVE-2023-29078, CVE-2023-29079)
1) Login and registration returns password as MD5 hash
2) Stored XSS via device name in parent Dashboard
3) Possible CSRF attacks in parent Dashboard
4) Arbitrary File Upload to AWS S3 bucket
5) Disable Child App Restriction without Parent's notice
https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-kiddoware-kids-place-parental-control-android-app/


Advanced Frida Usage Part 1 – iOS Encryption Libraries
https://8ksec.io/advanced-frida-usage-part-1-ios-encryption-libraries-8ksec-blogs/


JAMBOREE: Portable all-in-one tool to install essential Android tools (Java, Android tools, Magisk, Burp Suite, Objection, Root Emulator, Frida etc.)
https://github.com/freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy


Three ways to dynamically load code into an Android application at runtime
https://erev0s.com/blog/3-ways-for-dynamic-code-loading-in-android/


Analysis of Android SpyNote spyware targeting Indian Railway Catering and Tourism Corporation (IRCTC) users
https://labs.k7computing.com/index.php/spynote-targets-irctc-users/
