Mobile cybersecurity channel Links: https://linktr.ee/mobilehacker Contact: mobilehackerofficial@gmail.com
Security Analysis of WeChat’s MMTLS Encryption Protocol
https://citizenlab.ca/2024/10/should-we-chat-too-security-analysis-of-wechats-mmtls-encryption-protocol/
Hidden in Plain Sight: ErrorFather’s Deadly Deployment of Cerberus
https://cyble.com/blog/hidden-in-plain-sight-errorfathers-deadly-deployment-of-cerberus/
CellGuard is a research project that analyzes how cellular networks are operated and possibly surveilled.
The CellGuard app for iOS can uncover cellular attacks targeting your iPhone
https://github.com/seemoo-lab/CellGuard
Introduction to the Exploitation of Xamarin Apps
https://medium.com/@justmobilesec/introduction-to-the-exploitation-of-xamarin-apps-fde4619a51bf
Low-Level Development on Retail Android Hardware - Reconnaissance and Prototyping a Bootloader
https://blog.timschumi.net/2024/10/05/lldorah-bootloader-prototype.html
Pig Butchering Alert: Fraudulent Trading App targeted iOS and Android users
https://www.group-ib.com/blog/pig-butchering/
Modern iOS Pentesting: No Jailbreak Needed
https://dvuln.com/blog/modern-ios-pentesting-no-jailbreak-needed
Examining Mobile Threats from Russia
https://blog.bushidotoken.net/2024/09/examining-mobile-threats-from-russia.html
Hacking Kia: Remotely Controlling Cars With Just a License Plate
The vulnerability would've allowed an attacker to remotely control almost all vehicles made after 2013 using only the license plate
https://samcurry.net/hacking-kia
SilentSelfie: Uncovering a major watering hole campaign against Kurdish websites
https://blog.sekoia.io/silentselfie-uncovering-a-major-watering-hole-campaign-against-kurdish-websites/
Octo2: European Banks Already Under Attack by New Malware Variant
https://www.threatfabric.com/blogs/octo2-european-banks-already-under-attack-by-new-malware-variant
Undetected Android Spyware Targeting Individuals In South Korea
https://cyble.com/blog/undetected-android-spyware-targeting-individuals-in-south-korea/
Exploiting Android Client WebViews with Help from HSTS
1-click account takeover vulnerability discovered in a popular Indonesian Android Tokopedia app
https://seanpesce.blogspot.com/2024/09/exploiting-android-client-webviews-with.html
Jailbreak your Enemies with a Link: Remote Execution on iOS
The Trident Exploit Chain deep-dive (Part I)
https://jacobbartlett.substack.com/p/jailbreak-enemies-with-a-link-remote-execution
Wild vulnerabilities discovered in mobile dating app - Feeld with 1 Million installs on Google Play
-Disclosure of profile information to non-premium users
-Read other people’s messages
-Access to other people’s photos & videos from their chats
-Delete, recover and edit other people’s messages
-Update someone else’s profile information
-Send messages in other people’s chat
-Get a ‘Like’ from any user profile
https://fortbridge.co.uk/research/feeld-dating-app-nudes-data-publicly-available/
Zscaler Threat report 2024: Mobile, IoT, & OT
Mobile remains a top threat vector with 111% spyware growth while IoT attacks rise 45%
Overview: https://www.zscaler.com/blogs/security-research/new-threatlabz-report-mobile-remains-top-threat-vector-111-spyware-growth
Report: https://www.zscaler.com/resources/industry-reports/threatlabz-mobile-iot-ot-report.pdf
Expanding the Investigation: Deep Dive into Latest TrickMo Samples
https://www.zimperium.com/blog/expanding-the-investigation-deep-dive-into-latest-trickmo-samples/
SIMurai is software that emulates a SIM card, which helps in fuzzing modem firmware for vulnerabilities or testing SIM spyware
Github: https://github.com/tomasz-lisowski/simurai
Paper: https://www.usenix.org/system/files/usenixsecurity24-lisowski.pdf
Presentation: https://www.usenix.org/system/files/usenixsecurity24_slides-lisowski.pdf
Google will block sideloading of unsafe Android apps in India as improved fraud protection
It will automatically block the installation of apps based only on their use of sensitive permissions
https://blog.google/intl/en-in/products/launching-enhanced-fraud-protection-pilot-in-india/
Transform your smartphone into a portable hacking lab
Learn how to set up Kali Linux Pi-Tail and control it with just your smartphone. Plus, get some of my tips on troubleshooting common issues along the way
Read more: https://www.mobile-hacker.com/2024/10/04/portable-hacking-lab-control-the-smallest-kali-linux-with-a-smartphone/
The Dark Knight Returns: Android Joker Malware Analysis
https://cert.pl/posts/2024/10/analiza-joker/
Analysis and PoC for CVE-2024-7965, a vulnerability that allows arbitrary code execution in Google Chrome
It affects mostly Android smartphones and Apple laptops released after November 2020.
If hackers have an exploit to escape from the browser sandbox, they can gain full control over the browser application: read passwords and hijack user sessions.
Info: https://bi.zone/eng/expertise/blog/analiz-uyazvimosti-cve-2024-7965/
PoC: https://github.com/bi-zone/CVE-2024-7965
How hackers can exploit Wi-Fi Captive Portals to distribute Android malware all from a smartphone using WifiPumpkin on NetHunter
https://www.mobile-hacker.com/2024/09/27/wifipumpkin3-integrated-into-nethunter-powerful-duo-allows-malware-distribution-via-captive-portal/
WalletConnect Scam: A Case Study in Crypto Drainer Tactics
https://research.checkpoint.com/2024/walletconnect-scam-a-case-study-in-crypto-drainer-tactics/
A step-by-step guide to writing an iOS kernel exploit
https://alfiecg.uk/2024/09/24/Kernel-exploit.html
How the Necro Trojan infiltrated Google Play, again
https://securelist.com/necro-trojan-is-back-on-google-play/113881/
0-Click exploit discovered in MediaTek Wi-Fi chipsets affects routers and smartphones (CVE-2024-20017).
Published PoC can be tested even from a smartphone
Technical details: https://blog.coffinsec.com/0day/2024/08/30/exploiting-CVE-2024-20017-four-different-ways.html
PoC: https://github.com/mellow-hype/cve-2024-20017
Advanced Frida Usage Part 10 – Instruction Tracing using Frida Stalker
https://8ksec.io/advanced-frida-usage-part-10-instruction-tracing-using-frida-stalker/
Android Bytecode Exploitation
Introduction (Part 1): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_0/
Fundamentals (Part 2): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_1/
Bytecode Injection (Part 3): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_2/
Bytecode Reuse Attack (Part 4): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_3/
Diving into ADB protocol internals (1/2)
https://www.synacktiv.com/publications/diving-into-adb-protocol-internals-12