Recherche : [Android]

‘InTheBox’ Web Injects Targeting Android Banking Applications Worldwide https://blog.cyble.com/2023/01/31/inthebox-web-injects-targeting-android-banking-applications-worldwide/?hss_channel=tw-1141929006603866117

31/01/2023 23:02:11

Cyble analyzes 'InTheBox' as part of its thorough research on Web Injects and their role in targeting Android Banking applications worldwide,

Analyzing and remediating a malware infested T95 TV box from Amazon https://www.malwarebytes.com/blog/news/2023/01/preinstalled-malware-infested-t95-tv-box-from-amazon

31/01/2023 22:59:54

Find out why one of our Android experts has been obsessing over a little black box from Amazon.

Technical Advisory – Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434) https://research.nccgroup.com/2023/01/20/technical-advisory-multiple-vulnerabilities-in-the-galaxy-app-store-cve-2023-21433-cve-2023-21434/

21/01/2023 14:37:26

The Galaxy App Store is an alternative application store that comes pre-installed on Samsung Android devices. Several Android applications are available on both the Galaxy App Store and Google App Store, and users have the option to use either store to install specific applications. Two vulnerabilities were uncovered with the Galaxy App Store application: Technical…

StrongPity espionage campaign targeting Android users https://www.welivesecurity.com/2023/01/10/strongpity-espionage-campaign-targeting-android-users/

11/01/2023 22:39:31

ESET researchers uncover an active StrongPity campaign that spreads a trojanized version of the Android Telegram app posing as the Shagle video chat app.

Schoolyard Bully Trojan Facebook Credential Stealer - Zimperium https://www.zimperium.com/blog/schoolyard-bully-trojan-facebook-credential-stealer/

05/12/2022 11:17:24

Zimperium zLabs has discovered a new Android threat campaign, the Schoolyard Bully Trojan, which has been active since 2018 and has spread to over 300,000 victims and is specifically targeting Facebook credentials. To learn more about this new threat, read more on our blog.

Samsung, LG, Mediatek certificates compromised to sign Android malware https://www.bleepingcomputer.com/news/security/samsung-lg-mediatek-certificates-compromised-to-sign-android-malware/

02/12/2022 15:27:16

Multiple platform certificates used by Android OEM device vendors to digitally sign core system applications have also been used to sign Android apps containing malware.

Google Online Security Blog: Memory Safe Languages in Android 13 https://security.googleblog.com/2022/12/memory-safe-languages-in-android-13.html

02/12/2022 12:45:56

As the amount of new memory-unsafe code entering Android has decreased, so too has the number of memory safety vulnerabilities. From 2019 to 2022 it has dropped from 76% down to 35% of Android’s total vulnerabilities. 2022 is the first year where memory safety vulnerabilities do not represent a majority of Android’s vulnerabilities.

Android SharkBot Droppers on Google Play Underline Platform's Security Needs https://www.bitdefender.com/blog/labs/android-sharkbot-droppers-on-google-play-underlines-platforms-security-needs/

22/11/2022 21:24:35

A common theme we've noticed in the last few months consists of malicious apps
distributed directly from the Google Play Store.

Inside TheTruthSpy, the stalkerware network spying on thousands • TechCrunch https://techcrunch.com/2022/10/26/inside-thetruthspy-stalkerware/

28/10/2022 23:51:46

Leaked data obtained by TechCrunch reveals the notorious network of Android spyware apps tracked locations and recorded calls of Americans.

Cyble Phishing ERMAC Android Malware Increasingly Active https://blog.cyble.com/2022/10/18/ermac-android-malware-increasingly-active/

18/10/2022 10:45:03

CRIL Investigates the resurgence of ERMAC Android Malware as an increasing number of users are falling prey to their phishing attacks.

Poseidon’s Offspring: Charybdis and Scylla https://www.humansecurity.com/learn/blog/poseidons-offspring-charybdis-and-scylla

26/09/2022 11:10:59

HUMAN's Satori Threat Intelligence and Research Team uncovered a network of 89 Android and iOS apps committing various flavors of ad fraud.

Joker, Facestealer and Coper banking malwares on Google Play store https://www.zscaler.com/blogs/security-research/joker-facestealer-and-coper-banking-malwares-google-play-store

19/07/2022 08:43:01

Joker, Facestealers and Banker swarming Google Play store

Flubot: the evolution of a notorious Android Banking Malware https://blog.fox-it.com/2022/06/29/flubot-the-evolution-of-a-notorious-android-banking-malware/?s=09

01/07/2022 07:48:54

Flubot is an Android based malware that has been distributed in the past 1.5 years in
Europe, Asia and Oceania affecting thousands of devices of mostly unsuspecting victims.
Like the majority of Android banking malware, Flubot abuses Accessibility Permissions and Services
in order to steal the victim’s credentials, by detecting when the official banking application
is open to show a fake web injection, a phishing website similar to the login form of the banking
application. An important part of the popularity of Flubot is due to the distribution
strategy used in its campaigns, since it has been using the infected devices to send
text messages, luring new victims into installing the malware from a fake website.
In this article we detail its development over time and recent developments regarding
its disappearance, including new features and distribution campaigns.

Lookout Découverte d'un logiciel espion Android déployé au Kazakhstan https://fr.lookout.com/blog/hermit-spyware-discovery

20/06/2022 08:19:14

Lookout Les chercheurs de Threat Lab ont découvert un logiciel de surveillance Android de niveau entreprise utilisé par le gouvernement du Kazakhstan à l'intérieur de ses frontières. D'après notre analyse, le logiciel espion est probablement développé par le fournisseur italien de logiciels espions RCS Lab S.p.A.

Android FluBot enters Switzerland – SWITCH Security-Blog https://securityblog.switch.ch/2021/06/19/android-flubot-enters-switzerland/

02/06/2022 10:43:14

FluBot is a new Android malware first discovered in December 2020. During the first few months, FluBot has been active in Spain, Hungary and Poland. Since then, the development of the malware advan…

Takedown of SMS-based FluBot spyware infecting Android phones https://www.europol.europa.eu/media-press/newsroom/news/takedown-of-sms-based-flubot-spyware-infecting-android-phones

02/06/2022 10:09:07

This technical achievement follows a complex investigation involving law enforcement authorities of Australia, Belgium, Finland, Hungary, Ireland, Spain, Sweden, Switzerland, the Netherlands and the United States, with the coordination of international activity carried out by Europol’s European Cybercrime Centre (EC3). The investigation is ongoing to identify the individuals behind this global malware campaign. Here is how FluBot worked First spotted...

Protecting Android users from 0-Day attacks https://blog.google/threat-analysis-group/protecting-android-users-from-0-day-attacks/

22/05/2022 16:26:48

To protect our users, Google’s Threat Analysis Group (TAG) routinely hunts for 0-day vulnerabilities exploited in-the-wild. In 2021, we reported nine 0-days affecting Chrome, Android, Apple and Microsoft, leading to patches to protect users from these attacks.

Complete dissection of an APK with a suspicious C2 Server https://lab52.io/blog/complete-dissection-of-an-apk-with-a-suspicious-c2-server/

02/04/2022 12:06:04

During our analysis of the Penquin-related infrastructure we reported in our previous post, we paid special attention to the malicious binaries contacting these IP addresses, since as we showed in the analysis, they had been used as C2 of other threats used by Turla.

Liens par page

Filtres