Android

Pierluigi Paganini April 07, 2017
Vulnerability in Apple Music for Android could be exploited to steal user data

Apple fixed a vulnerability tracked as CVE-2017-2387 in the Apple Music for Android that could allow attackers to launch MitM attacks on the application. The update released Apple for the Apple Music application for Android fixes a certificate validation issue that can be exploited by an attacker to run MitM attacks and intercept user data. […]

Pierluigi Paganini April 04, 2017
Android Chrysaor spyware went undetected for years

Chrysaor spyware is an Android surveillance malware that remained undetected for at least three years, NSO Group Technology is suspected to be the author. Security experts at Google and Lookout spotted an Android version of one of the most sophisticated mobile spyware known as Chrysaor that remained undetected for at least three years. due to its […]

Pierluigi Paganini March 23, 2017
Rogue Cellphone towers used to spread the Android Swearing Trojan

Chinese scammers are deploying rogue cellphone towers to spread the Android Swearing Trojan via malicious URL in SMS messages. Chinese scammers are deploying fake mobile base stations to spread the Android Swearing Trojan in text messages. The attackers have improved the well-known Smishing attack using rogue cell phone towers as the attack vector and distribute the Android […]

Pierluigi Paganini March 12, 2017
Flaws in MAC address randomization implemented by vendors allow mobile tracking

Researchers devised a new attack method that can be leveraged to track mobile devices that rely on MAC address randomization mechanism. The MAC address is a unique and an hardcoded identifier assigned to a device’s network interface. This characteristic makes it an excellent tool for the tracking of the devices. A group of researchers from the U.S. Naval […]

Pierluigi Paganini March 11, 2017
Check Point experts spotted pre-Installed Android Malware on 38 Android devices

Experts discovered pre-installed malware on 38 high-end smartphone models belonging to popular manufacturing companies such as Samsung, LG, Xiaomi and Asus. In the past, security experts have already reported cases of pre-installed malware on mobile devices. In September 2015, security experts at G-Data security firm discovered new cases of Chinese Android mobile devices infected by […]

Pierluigi Paganini February 18, 2017
Mobile car apps implement poor security measures advantaging car thieves

Experts at Kaspersky Lab have analyzed several Android car apps and discovered that most of them lack proper security features to protect vehicles. Security researchers from antivirus vendor Kaspersky Lab have analyzed seven of the most popular Android apps that allow to remotely control millions of modern cars. The experts discovered that the Android apps, whose name […]

Pierluigi Paganini February 14, 2017
Experts warn of the rapid growth of the Marcher Android banking Trojan

Malware researchers at the security firm Securify have published a detailed analysis of the Marcher Android banking Trojan. Security experts at the Securify have published a detailed analysis of the Marcher Android banking Trojan, a threat that has been around since late 2013. First variants of the malware were developed to trick users into handing over their payment card […]

Pierluigi Paganini January 25, 2017
HummingWhale – HummingBad Android Malware returns even more dangerous than before

Last year, the HummingBad Android malware infected as many as 85 million devices, now it has returned under the new name of HummingWhale. CERT-EU and other sources corroborated Check Point researchers’ findings which recently confirmed a new variant of the ad-fraud-big-money-making, HummingBad, is spreading rapidly on the Android marketplace Google Play.  HummingBad was first seen […]

Pierluigi Paganini January 23, 2017
BankBot, an Android malware based on a source code leaked online

Antivirus firm Dr. Web spotted a new Android malware dubbed BankBot that is based on a source code that was leaked on an underground forum. Bad news for Android users, researchers from the Russian antivirus maker Dr. Web have reported that the source code for another Android banking malware has been leaked on an underground hacking […]

Pierluigi Paganini January 06, 2017
Analyzing a variant of the GM Bot Android malware

My friends at CyberBlog decided to analyze the GM Bot Android Malware as exercise aiming to receive feedback sand suggestions from the security community. The sample explored is confirmed as a variant of the GM Bot Android malware – who’s source was released publicly in early 2016. The code appears to have been forked by a second […]