Browsing tag
Scanning APK file for URIs, endpoints & secrets. Installation To install apkLeaks, simply: $ git clone https://github.com/dwisiswant0/apkleaks $ cd apkleaks/ $ pip install -r requirements.txt Or download at release tab. Dependencies This package works in Python2 (not Python3). Install global packages: Linux $ sudo apt-get install libssl-dev swig -y OSX $ brew install openssl […]
A hacking group known for its attacks in the Middle East, at least since 2017, has recently been found impersonating legitimate messaging apps such as Telegram and Threema to infect Android devices with a new, previously undocumented malware. “Compared to the versions documented in 2017, Android/SpyC23.A has extended spying functionality, including reading notifications from messaging […]
Over the past few months, hundreds of Android users have been complaining online of a new piece of mysterious malware that hides on the infected devices and can reportedly reinstall itself even after users delete it, or factory reset their devices. Dubbed Xhelper, the malware has already infected more than 45,000 Android devices in just […]
Researchers discovered an open-source spyware AhMyth associated with Google play store app called RB Music to intrude the Android users device to steal various sensitive information. RB Music also know as Radio Balouch, a malicious streaming radio based Android app appeared in Google play store borrowed malicious features and functionality from AhMyth to infect the Android users […]
Are you using an Android device? Beware! You should be more careful while playing a video on your smartphone—downloaded anywhere from the Internet or received through email. That’s because, a specially crafted innocuous-looking video file can compromise your Android smartphone—thanks to a critical remote code execution vulnerability that affects over 1 billion devices running Android […]
BianLian malware was first detected in October 2018; the malware aims in stealing OTP authentication codes, check balances, inject push notifications, and also capable of locking device and ask users to pay the ransomware. The updated version of the malware contains a Screencast Module to records the screens of the infected device and Socks5 module […]
Android Horror game uses malicious scripts to steal the user’s login credentials and uses ad networks to drive more traffic and cause damage to the affected device. Wandera’s threat research team identified the malicious app on the Google Play Store. The app fools the Google Play Store’s rigorous security checks, “by using time-released malicious behavior, […]
If you remember in September 2018, we came across a report from Nightwatch Cybersecurity regarding a security vulnerability in Android that allowed malicious apps to bypass permissions checks, and as a result, gain access to reading the information, including the location of the device. According to Nightwatch Cybersecurity, the vulnerability affects all versions of Android […]
Researchers discovered new malicious Android apps from Google Play Store bypassing SMS-based two-factor authentication (2FA) mechanisms and steal the OTP without SMS’s permission. Google recently restrict other apps to use of high risk or sensitive permissions, including the SMS or Call Log in March 2019 that leads malware and credentials stealing apps lost its permissions. Newly uncovered malicious apps […]
According to Twitter, a bug that revealed the user’s location information, and shared it with an unnamed Twitter partner has been fixed. “We have discovered that we inadvertently collect and shared iOS location data with one of our trusted partners in certain circumstances,” the company said. According to the blog posts, the bug only affects […]
Google has removed 85 Android apps from the official Play Store after it was reported that these apps were adware-infected. Google took the decision to suspend the apps after researchers at security firm Trend Micro discovered that these apps, which masqueraded as games and remote controller simulators, contained a common strain of adware. The researchers […]
There is a huge difference between an Android antivirus and an Android app that offers vulnerability scans. The former has questionable effectiveness due to the way Google developed Android as a Linux-based system with a sandbox app system. APK files do not interact with other Android apps on a deep level, as each app is […]
You’ve probably encountered notifications on your Android phone that a new patch and update is now available for download. Maybe, sometimes, you instantly update it once you received these kinds of notifications or, for whatever reason, you choose to delay or completely ignore it and just continue in using the current version of the software […]
Even though Google has managed to establish Android as the top smartphone operating system in the world, it has failed on a major front that ensures the security of your smartphone. Here, I’m talking about regular updates and security patches. The latest Android version is currently running on about 1% of total devices, which is […]
In the first week of every month, Google releases the monthly Android security patch for Nexus and Pixel devices. And, sticking to its monthly schedule, Google has released the Android security patch for this month as well. Every month Google releases its monthly Android security patches, and the same way they did it for Nexus […]
Cyber security researchers have reportedly discovered what they think is the first Krotin-based malware affecting the Android OS. The discovery has been made by researchers at Trend Micro; a Trend Micro blog post on the same says- “We spotted a malicious app (detected by Trend Micro as ANDROIDOS_BKOTKLIND.HRX) that appears to be the first developed […]
A java tool that helps to pentest Android apps faster, more easily and more efficiently. AndroTickler offers many features of information gathering, static and dynamic checks that cover most of the aspects of Android apps pentesting. It also offers several features that pentesters need during their pentests. AndroTickler also integrates with Frida to provide method […]
Another crop of Android apps hiding malware have been discovered in – and removed from – the Google Play store. Researchers at ESET discovered eight apps available to download via Google Play which all carried Trojan Dropper, a form of malware which allows attackers to drop additional malicious payloads ranging from banking trojans to spyware. […]
To keep our personal data safe we use Antivirus, but what results if the Antivirus solution can’t be trusted. Security experts form Check Point discovered a Mobile antivirus DU Antivirus Security collecting user information without their permission. According to google play store data, this app downloaded between 10 and 50 million times and have a […]
Cloak & Dagger attack discovered by security experts from Georgia Institute of Technology, which allows attackers to get complete control over your device. These attack just require two permission that, in the event that the application is installed from the Play Store, the client does not require to grant permission and even the users are […]
Check Point today disclosed details about a set of four vulnerabilities affecting 900 million Android smartphones and tablets that use Qualcomm® chipsets. The Check Point mobile threat research team, which calls the set of vulnerabilities QuadRooter, presented its findings in a session at DEF CON 24 in Las Vegas. What is QuadRooter? QuadRooter is a […]