Mobile

Pierluigi Paganini June 13, 2022
Using WiFi connection probe requests to track users

Researchers at the University of Hamburg demonstrated that WiFi connection probe requests expose users to track. A group of academics at the University of Hamburg (Germany) demonstrated that it is possible to use WiFi connection probe requests to identify and track devices and thereby their users. Mobile devices transmit probe requests to receive information about […]

Pierluigi Paganini June 02, 2022
An international police operation dismantled FluBot spyware

An international law enforcement operation involving 11 countries resulted in the takedown of the FluBot Android malware. An international law enforcement operation involving 11 countries led to the takedown of the infamous FluBot Android malware. The investigation involved law enforcement authorities of Australia, Belgium, Finland, Hungary, Ireland, Spain, Sweden, Switzerland, the Netherlands and the United […]

Pierluigi Paganini June 01, 2022
New XLoader Botnet version uses new techniques to obscure its C2 servers

A new version of the XLoader botnet is implementing a new technique to obscure the Command and Control infrastructure. Researchers from Check Point have discovered a new version of the XLoader botnet, which implements significant enhancements, such as a new technique to obscure the Command and Control infrastructure XLoader has been observed since 2020, it […]

Pierluigi Paganini May 30, 2022
A new WhatsApp OTP scam could allow the hijacking of users’ accounts

Experts warn of a new ongoing WhatsApp OTP scam that could allow attackers to hijack users’ accounts through phone calls. Recently CloudSEK founder Rahul Sasi warned of an ongoing WhatsApp OTP scam that could allow threat actors to hijack users’ accounts through phone calls. The fraudulent scheme is simple, threat actors make a phone call […]

Pierluigi Paganini May 27, 2022
Android pre-installed apps are affected by high-severity vulnerabilities

Microsoft found several high-severity vulnerabilities in a mobile framework used in pre-installed Android System apps. The Microsoft 365 Defender Research Team discovered four vulnerabilities (CVE-2021-42598, CVE-2021-42599, CVE-2021-42600, and CVE-2021-42601) in a mobile framework, owned by mce Systems, that is used by several mobile carriers in pre-installed Android System apps. The researchers discovered the flaws in September 2021 and […]

Pierluigi Paganini May 27, 2022
ERMAC 2.0 Android Banking Trojan targets over 400 apps

A new version of the ERMAC Android banking trojan is able to target an increased number of apps. The ERMAC Android banking trojan version 2.0 can target an increasing number of applications, passing from 378 to 467 target applications to steal account credentials and crypto-wallets. ERMAC was first spotted by researchers from Threatfabric in July […]

Pierluigi Paganini May 17, 2022
Over 200 Apps on Play Store were distributing Facestealer info-stealer

Experts spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data. Trend Micro researchers spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data from infected devices. The malicious apps are able to steal credentials, Facebook cookies, and other personally identifiable information. Some […]

Pierluigi Paganini May 16, 2022
Experts show how to run malware on chips of a turned-off iPhone

Researchers devised an attack technique to tamper the firmware and execute a malware onto a Bluetooth chip when an iPhone is “off.” A team of researchers from the Secure Mobile Networking Lab (SEEMOO) at the Technical University of Darmstadt demonstrated a technique to tamper with the firmware and load malware onto a chip while an […]

Pierluigi Paganini May 05, 2022
Google addresses actively exploited Android flaw in the kernel

Google released the May security bulletin for Android, 2022-05-05 security patch level, which fixed an actively exploited Linux kernel flaw. Google has released the second part of the May Security Bulletin for Android, which includes a fix for an actively exploited Linux kernel vulnerability tracked as CVE-2021-22600. The CVE-2021-22600 is a privilege escalation issue that […]

Pierluigi Paganini April 26, 2022
Anomaly Six, a US surveillance firm that tracks roughly 3 billion devices in real-time

An interesting article published by The Intercept reveals the secretive business of a US surveillance firm named Anomaly Six. When we speak about the secretive business of surveillance businesses we often refer to the powerful tools developed by Israeli firms like NSO Group and Candiru, but many other firms operates in the shadow like the […]