WhatsSpy - Trace the moves of a WhatsApp user

WhatsSpy Public is an web-oriented application that tracks every move of whoever you like to follow. This application is setup as an Proof of Concept that Whatsapp is broken in terms of privacy. Once you've setup this application you can track users that you want to follow on Whatsapp. Once it's...

Espionage Campaign targets iOS devices with Malware apps

A malware campaign has been found targeting iOS devices linked to a wide range of entities, including European defense organizations, governments, and media sectors with dangerous espionage spyware capable of breaching non-jailbroken devices, a recent report claims. The spyware campaign, dubbed...

Yik Yak Patches Privacy Flaw in iOS App

Yik Yak, an application that allows users to share purportedly anonymous status updates with others near them, has fixed a critical vulnerability in its iOS app that could have de-anonymized users and let attackers take total control of someone’s account. Yik Yak’s security team was apparently...

Xsser Trojan Spies on Jailbroken iOS Devices in Hong Kong

An iOS version of an Android espionage Trojan targeting activists and protestors in Hong Kong has been discovered on the command and control server hosting the Android malware. The iOS version, a mobile remote access Trojan dubbed Xsser by Lacoon Mobile Security, affects only jailbroken iOS...

AdThief iOS Malware Affecting 75K Jailbroken Devices

A relatively new form of malware on iOS is estimated to have stolen revenue from 22 million ads and infected upwards to 75,000 devices so far. The malware, iOS/AdThief, was first identified back in March but wasn’t fully articulated until Axelle Aprville, a researcher with Fortinet, looked into t...

'AdThief' Chinese Malware Infects Over 75,000 Jailbroken iOS devices

If you have jailbroken your iPhone, iPad, or iPod touch and have downloaded pirated tweaks from pirated repositories, then you may be infected by “AdThief” malware, a Chinese malware that is now installed on more than 75,000 iPhone devices. According to a recent research paper published on Virus...

iOS iFileExplorer Free - Directory Traversal

No description provided by source. Exploit Title: iPod Touch/iPhone iFileExplorer Free Directory Traversal Date: 04/03/2011 UK date format Author: theSmallNothing Software Link: http://itunes.apple.com/gb/app/ifileexplorer-protect-multi/id355253462?mt=8 Version: 2.8 Tested on: iPod Touch 2G 4.1...

iphone/ipad phone drive 1.1.1 - Directory Traversal

No description provided by source. !/usr/bin/python ---------------------------------------------------------------- Software : iPhone/iPad Phone Drive 1.1.1 Type of vulnerability : Directory Traversal Tested On : iPhone 4 IOS 4.3.3/Jailbroken...

Warning: Malware Campaign targeting Jailbroken Apple iOS Devices

A new piece of malicious malware infection targeting jailbroken Apple iOS devices in an attempt to steal users’ credentials, has been discovered by Reddit users. The Reddit Jailbreak community discovered the malicious infection dubbed as ‘Unflod Baby Panda’, on some jailbroken Apple iOS devices o...

iOS 7 Bug Could Allow Background Monitoring

It’s only been a few days since Apple fixed the nasty certificate-validation “goto fail” vulnerability in iOS and OSX and now word comes that another bug, one that could allow an attacker to monitor keystrokes on iOS 7 devices without the user being any the wiser, also exists. The problem...

New Apple vulnerability allows Malicious keylogger App to Record User Inputs

Yet another Apple vulnerability has been exposed by security researchers, that can be exploited to track your finger's every action on iOS Devices i.e. iPhone, iPad etc. The exploit reportedly targets a flaw in iOS multitasking capabilities to capture user inputs, according to Security researcher...

Mobile Malware Captures Keystrokes and Screengrabs

New proof-of-concept mobile malware logs keystrokes and captures screen-grabs on jailbroken iOS and Android devices in order to steal online log-in credentials and other sensitive information from targeted devices. In an interview with Threatpost, Trustwave senior security consultant Neal Hindoch...

Apple iOS Default SSH Password Vulnerability

This module exploits the default credentials of Apple iOS when it has been jailbroken and the passwords for the 'root' and 'mobile' users have not been changed. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require...

Android Vulnerability Bypasses App's Digital Signature

A vulnerability exists in the Android code base that would allow a hacker to modify a legitimate, digitally signed Android application package file APK and not break the app’s cryptographic signature—an action that would normally set off a red flag that something is amiss. Researchers at startup...

Apple IOS default SSH password Exploit-vulnerability warning-the black bar safety net

When the Apple iOS jailbreak and root and mobile users use the default password, you can use the following Metasploit to Exploit the use of the test. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework...

Apple iOS Default SSH Password Vulnerability

This module exploits the default credentials of Apple iOS when it has been jailbroken and the passwords for the root' and 'mobile' users have not been changed. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit...

Apple Jailbroken Device Detection via HTTPS

Binary data 7063.pasl...

Apple Profile Manager Jailbroken iOS Device Detection

Binary data appleprofilemanagerjailbroken.nbin...

Your Facebook credentials at risk on Android - iOS jailbroken devices

Your Facebook credentials at risk on Android - iOS jailbroken devices Facebook allows its authentication credentials to be stored in plain text within the Apple iOS version of its mobile app, allowing an attacker complete control over your Facebook account if he knows where to look. Security...

Facebook Reassures Users, But Hole May Put Mobile Data at Risk

UPDATED: Facebook Security assured users on Thursday who access their Facebook account via Android or iOS devices that mobile sessions on the social networking site aren’t vulnerable to hacking. However, research published this week suggests otherwise. A blog entry posted by UK-based mobile...