169 matches found
How Malicious Android Apps Slip Into Disguise
Researchers say mobile malware purveyors have been abusing a bug in the Google Android platform that lets them sneak malicious code into mobile apps and evade security scanning tools. Google says it has updated its app malware detection mechanisms in response to the new research. At issue is a...
Mexico-Based Hacker Targets Global Banks with Android Malware
An e-crime actor of Mexican provenance has been linked to an Android mobile malware campaign targeting financial institutions globally, but with a specific focus on Spanish and Chilean banks, from June 2021 to April 2023. The activity is being attributed to an actor codenamed NeoNet, according to...
Rogue Android Apps Target Pakistani Individuals in Sophisticated Espionage Campaign
Individuals in the Pakistan region have been targeted using two rogue Android apps available on the Google Play Store as part of a new targeted campaign. Cybersecurity firm Cyfirma attributed the campaign with moderate confidence to a threat actor known as DoNot Team, which is also tracked as...
Rogue Android Apps Target Pakistani Individuals in Sophisticated Espionage Campaign
Individuals in the Pakistan region have been targeted using two rogue Android apps available on the Google Play Store as part of a new targeted campaign. Cybersecurity firm Cyfirma attributed the campaign with moderate confidence to a threat actor known as DoNot Team, which is also tracked as...
Google Mandates Android Apps to Offer Easy Account Deletion In-App and Online
Google is enacting a new data deletion policy for Android apps that allow account creation to also offer users with a setting to delete their accounts in an attempt to provide more transparency and control over their data. "For apps that enable app account creation, developers will soon need to...
Apk.Sh - Makes Reverse Engineering Android Apps Easier, Automating Some Repetitive Tasks Like Pulling, Decoding, Rebuilding And Patching An APK
apk.sh is a Bash script that makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK. Features apk.sh basically uses apktool to disassemble, decode and rebuild resources and some bash to automate the frida gadget...
APKHunt - Comprehensive Static Code Analysis Tool For Android Apps That Is Based On The OWASP MASVS Framework
APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their cod...
Even Top-Ranked Android Apps in Google Play Store Provide Misleading Data Safety Labels
An investigation into data safety labels for Android apps available on the Google Play Store has uncovered "serious loopholes" that allow apps to provide misleading or outright false information. The study, conducted by the Mozilla Foundation as part of its Privacy Not Included initiative, compar...
New Malvertising Campaign via Google Ads Targets Users Searching for Popular Software
Users searching for popular software are being targeted by a new malvertising campaign that abuses Google Ads to serve trojanized variants that deploy malware, such as Raccoon Stealer and Vidar. The activity makes use of seemingly credible websites with typosquatted domain names that are surfaced...
These Android Apps with a Million Play Store Installations Redirect Users to Malicious Sites
A set of four Android apps released by the same developer has been discovered directing victims to malicious websites as part of an adware and information-stealing campaign. The apps, published by a developer named Mobile apps Group and currently available on the Play Store, have been collectivel...
TikTok: bypass two-factor authentication in Android apps and web
A vulnerability was found where a random timeout issue on a Two-Step Verification endpoint could have resulted in a potential bypass of authentication if multiple incorrect attempts were entered in quick succession. It was found that this vulnerability required access to the user's email/password...
These 16 Clicker Malware Infected Android Apps Were Downloaded Over 20 Million Times
As many as 16 malicious apps with over 20 million cumulative downloads have been taken down from the Google Play Store after they were caught committing mobile ad fraud. The Clicker malware masqueraded as seemingly harmless utilities like cameras, currency/unit converters, QR code readers,...
Over a Dozen Android Apps on Google Play Store Caught Dropping Banking Malware
A malicious campaign leveraged seemingly innocuous Android dropper apps on the Google Play Store to compromise users' devices with banking malware. These 17 dropper apps, collectively dubbed DawDropper by Trend Micro, masqueraded as productivity and utility apps such as document scanners, QR code...
These 28+ Android Apps with 10 Million Downloads from the Play Store Contain Malware
As many as 30 malicious Android apps with cumulative downloads of nearly 10 million have been found on the Google Play Store distributing adware. "All of them were built into various programs, including image-editing software, virtual keyboards, system tools and utilities, calling apps, wallpaper...
DroidDetective - A Machine Learning Malware Analysis Framework For Android Apps
A machine learning malware analysis framework for Android apps. DroidDetective is a Python tool for analysing Android applications APKs for potential malware related behaviour and configurations. When provided with a path to an application APK file Droid Detective will make a prediction using it'...
Over 200 Apps on Play Store Caught Spying on Android Users Using Facestealer
More than 200 Android apps masquerading as fitness, photo editing, and puzzle apps have been observed distributing spyware called Facestealer to siphon user credentials and other valuable information. "Similar to Joker, another piece of mobile malware, Facestealer changes its code frequently, thu...
CVE-2021-3898
Versions of Motorola Ready For and Motorola Device Help Android applications prior to 2021-04-08 do not properly verify the server certificate which could lead to the communication channel being accessible by an attacker...
Apps removed from Google Play for harvesting user data
Dozens of apps were removed from the Google Play Store after they were found to be harvesting the data of device owners. The code in question—a software development kit SDK—was used inside apps which were downloaded over 10 million times. What happened? A wide range of Android apps were found to...
Securitas breached, 3TB of airport employee records exposed
An unsecured AWS server, found open to the public Internet, is the root cause of a huge compromise of data of airport employees in Colombia and Peru. This server, according to a report, belongs to Securitas, a Stockholm-based multinational company that provides security services like security...
CVE-2021-20873
Yappli is an application development platform which provides the function to access a requested URL using Custom URL Scheme. When Android apps are developed with Yappli versions since v7.3.6 and prior to v9.30.0, they are vulnerable to improper authorization in Custom URL Scheme handler, and may ...