Mobile

Pierluigi Paganini August 30, 2023
Chinese GREF APT distributes spyware via trojanized Signal and Telegram apps on Google Play and Samsung Galaxy stores

China-linked APT group GREF is behind a malware campaign distributing spyware via trojanized Signal and Telegram apps on Google Play ESET researchers uncovered a cyberespionage campaign carried out by the China-linked APT group known as GREF that is distributing spyware via trojanized Signal and Telegram apps on Google Play and Samsung Galaxy stores. The malware […]

Pierluigi Paganini August 21, 2023
Spoofing an Apple device and tricking users into sharing sensitive data

White hat hackers at the recent hacking conference Def Con demonstrated how to spoof an Apple device and trick users into sharing their sensitive data. At the recent Def Con hacking conference, white hat hackers demonstrated how to spoof an Apple device and trick users into sharing their sensitive data. As reported by Techcrunch, attendees […]

Pierluigi Paganini August 19, 2023
Over 3,000 Android Malware spotted using unsupported/unknown compression methods to avoid detection

Threat actors are using Android Package (APK) files with unsupported compression methods to prevent malware analysis. On June 28th, researchers from Zimperium zLab researchers observed that Joe Sandbox announced the availability of an Android APK that could not be analyzed from most of the anti-decompilation tools. The APT could be installed on Android devices running […]

Pierluigi Paganini August 17, 2023
Experts devise an exploit for Apple iOS 16 that relies on fake Airplane Mode

Researchers detailed a new exploit for Apple iOS 16 that can allow attackers to gain access to a device even when the victim believes it is in Airplane Mode. Jamf Threat Labs researchers developed a post-exploit persistence technique on iOS 16 that trick victims into believing that the device is in functional Airplane Mode. In […]

Pierluigi Paganini August 08, 2023
43 Android apps in Google Play with 2.5M installs loaded ads when a phone screen was off

Experts found 43 Android apps in Google Play with 2.5 million installs that displayed advertisements while a phone’s screen was off. Recently, researchers from McAfee’s Mobile Research Team discovered 43 Android apps in Google Play with 2.5 million installs that loaded advertisements while a phone’s screen was off. The experts pointed out that this behavior […]

Pierluigi Paganini August 04, 2023
Attackers use dynamic code loading to bypass Google Play store’s malware detections

Threat actors rely on the ‘versioning’ technique to evade malware detections of malicious code uploaded to the Google Play Store. Google Cybersecurity Action Team (GCAT) revealed that threat actors are using a technique called versioning to evade malware detection implemented to detect malicious code uploaded to the Google Play Store. The technique is not new […]

Pierluigi Paganini July 20, 2023
Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. The APT41 group, aka Winnti, Axiom, Barium, Blackfly, HOODOO) is a China-linked cyberespionage group that has been active since at least 2007. Researchers at cybersecurity firm […]

Pierluigi Paganini July 11, 2023
Apple issued Rapid Security Response updates to fix a zero-day but pulled them due to a Safari bug

Apple released Rapid Security Response updates for iOS, iPadOS, macOS, and Safari web browser to address an actively exploited zero-day. Apple has released Rapid Security Response updates for iOS, iPadOS, macOS, and Safari web browser to address a zero-day flaw, tracked as CVE-2023-37450, that has been actively exploited in the wild. Tricking the victim into processing specially crafted web content may lead to […]

Pierluigi Paganini July 11, 2023
Cybercriminals Evolve Antidetect Tooling for Mobile OS-Based Fraud

Resecurity identified the emergence of adversarial mobile Android-based Antidetect Tooling for Mobile OS-Based Fraud. Resecurity has identified the emergence of adversarial mobile Android-based tools (called “mobile anti-detects”), like Enclave and McFly, as a new frontier in fraud tradecraft evolution. These tools are used by criminals involved in online-banking theft to impersonate compromised account holders and […]

Pierluigi Paganini July 09, 2023
Two spyware sending data of more than 1.5M users to China were found in Google Play Store

Two apps on the Google Play Store with more than 1.5 million downloads have been discovered spying on users and sending data to China. Researchers from cybersecurity firm Pradeo discovered two malicious apps on Google Play hinding spyware and spying on up to 1.5 million users. Both applications are file management apps from the same […]