40562
Mobile cybersecurity channel Links: https://linktr.ee/mobilehacker Contact: mobilehackerofficial@gmail.com
Heap overflow in JPEG loading in Samsung's Little Kernel in bootloader allows a privileged attacker to execute persistent arbitrary code (it survives reboots and factory reset) CVE-2024-20832
Paper: https://www.sstic.org/media/SSTIC2024/SSTIC-actes/when_vendor1_meets_vendor2_the_story_of_a_small_bu/SSTIC2024-Article-when_vendor1_meets_vendor2_the_story_of_a_small_bug_chain-rossi-bellom_neveu.pdf
Slides: https://www.sstic.org/media/SSTIC2024/SSTIC-actes/when_vendor1_meets_vendor2_the_story_of_a_small_bu/SSTIC2024-Slides-when_vendor1_meets_vendor2_the_story_of_a_small_bug_chain-rossi-bellom_neveu.pdf
New Fileless Malware Framework "GhostHook" Targets Android Devices
https://iverify.io/post/new-fileless-malware-framework-ghosthook-targets-android-devices
BingoMod: The new android RAT that steals money and wipes data
https://www.cleafy.com/cleafy-labs/bingomod-the-new-android-rat-that-steals-money-and-wipes-data
iOS Reverse Engineering
https://github.com/GhidraEnjoyr/iOS-Reverse-Engineering
Android CraxsRAT strikes in Malaysia
https://www.group-ib.com/blog/craxs-rat-malaysia/
Unmasking the SMS Stealer: Targeting Several Countries with Deceptive Apps
https://www.zimperium.com/blog/unmasking-the-sms-stealer-targeting-several-countries-with-deceptive-apps/
How to install Kali NetHunter on TicWatch Pro 3
https://www.mobile-hacker.com/2024/07/25/how-to-install-kali-nethunter-on-ticwatch-pro-3/
WhatsApp trick: Android malware can impersonate PDF file
https://www.mobile-hacker.com/2024/07/23/whatsapp-trick-android-malware-can-impersonate-pdf-file/
Hacking a 2014 tablet... in 2024!
https://blog.r0rt1z2.com/hacking-a-2014-tablet-in-2024.html
Beware of BadPack: One Weird Trick Being Used Against Android Devices
https://unit42.paloaltonetworks.com/apk-badpack-malware-tampered-headers/
Cellebrite leaked documents display which Android and iOS versions it is capable to unlock and access data from
https://www.404media.co/leaked-docs-show-what-phones-cellebrite-can-and-cant-unlock/
APKscan: Scan for secrets, endpoints, API keys, tokens, credentials in Android apps
https://github.com/LucasFaudman/apkscan
Jailbreaking Rabbit R1 running RabbitOS
https://www.da.vidbuchanan.co.uk/blog/r1-jailbreak.html
Android & iOS mobile security cheatsheets
https://github.com/justmobilesec/Android-iOS-Cheat-Sheet/
I have created a dedicated WhatsApp channel with focus on Mobile offensive security, tools, tutorials, red team (without malware news)
Feel free to join and share:
https://whatsapp.com/channel/0029VabYeVdGOj9oBPNRMk3c
Posting in this channel will not be stopped or terminated
BlankBot - a new Android banking trojan with screen recording, keylogging and remote control capabilities
https://intel471.com/blog/blankbot-a-new-android-banking-trojan-with-screen-recording-keylogging-and-remote-control-capabilities
Introducing the new Mobile App Security Weakness Enumeration (MASWE).
This brand new OWASP MAS resource bridges the gap between MASVS high-level controls and MASTG low-level testing, using a similar approach to CWEs.
https://mas.owasp.org/news/2024/07/30/new-maswe/
Open Redirect in Login Redirect in MobSF (CVE-2024-41955)
Update to MobSF v4.0.5.
https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-8m9j-2f32-2vx4
BlueStacks (Android emulator) privilege escalation through VM backdooring (CVE-2024-33352)
https://github.com/mmiszczyk/CVE-2024-33352
Mandrake spyware sneaks onto Google Play again, flying under the radar for two years
https://securelist.com/mandrake-apps-return-to-google-play/113147/
Vulnerability in Telegram for Android: Use-after-free in Connection::onReceivedData
https://bugs.chromium.org/p/project-zero/issues/detail?id=2547
Android spyware named Ratel pretending to be Hamster Kombat game distributed via an unofficial Telegram channel
https://www.welivesecurity.com/en/eset-research/tap-estry-threats-targeting-hamster-kombat-players/
Part 1: Injecting and Exploiting Synthetic Remote Vulnerabilities to explore Signal-iOS and WebRTC
https://margin.re/2024/07/you-cant-spell-webrtc-without-rce-part-1/
Exploiting the EvilVideo vulnerability on Telegram
Discovered a 0-day Telegram for Android exploit that allows sending malicious apps disguised as videos
https://www.welivesecurity.com/en/eset-research/cursed-tapes-exploiting-evilvideo-vulnerability-telegram-android/
Konfety Spreads ‘Evil Twin’ Android Apps for Multiple Fraud Schemes
https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-konfety-spreads-evil-twin-apps-for-multiple-fraud-schemes
Use TicWatch Pro as a Keystroke Injector
https://www.mobile-hacker.com/2024/07/18/ticwatch-pro-as-a-keystroke-injector/
Install NetHunter on TicWatch Pro after flashing factory firmware + troubleshooting
https://www.mobile-hacker.com/2024/07/17/install-nethunter-on-ticwatch-pro-after-flashing-factory-firmware/
TicWatch Pro: Returning to Factory Firmware
If you messed up while rooting and installing NetHunter, you can always go back to stock ROM
https://www.mobile-hacker.com/2024/07/16/ticwatch-pro-returning-to-factory-firmware/
How to root and install NetHunter on TicWatch Pro and extend battery life
https://www.mobile-hacker.com/2024/07/15/how-to-install-nethunter-on-ticwatch-pro/
Analysis of the recent Android TangleBot malware sample
https://cryptax.medium.com/untangling-android-tanglebot-38a52cd8f420