Android Security Monthly Recap #4 | April 2019

#1 Financial Apps are Ripe for Exploit via Reverse Engineering PDF: https://info.arxan.com/rs/300-EOJ-215/images/aite-research-financial-mobile-apps.pdf #2 Google Fixes Two Critical Android Code Execution Vulnerabilities #3 New Version of XLoader That Disguises as Android Apps and an iOS Profile Holds New Links to FakeSpy #4 Beware of stalkerware #5 BasBanke: Trend-setting Brazilian banking Trojan #6 Xiaomi Vulnerability: When Security

Continue reading Android Security Monthly Recap #4 | April 2019

Android Security Monthly Recap #3 | March 2019

Topics #1 Dalil app -Caller ID mondogoDB leak #2 Android Messaging: A Few Bugs Short of a Chain #3 Gone in six seconds? Exploiting car alarms #4 How I hacked my Xiaomi MiBand 2 fitness tracker — a step-by-step Linux guide by Andrey Nikishaev #5 Owner of MAGA-Friendly Yelp Knockoff Threatens to Call FBI After Researcher Exposes

Continue reading Android Security Monthly Recap #3 | March 2019

Android Security Monthly Recap #2 | February 2019

Topics #1 Fake WhatsApp updates on Google Play abusing Accessibility Service, with 10,000+ installs. Family known since Dec 2018. #2 Legitimately Exploiting In-App Payment Would you pay over €200/month or €400/month if you forget to unsubscribe after 3 day trial period. #3 Banking Trojans in Turkey #4 Fake rating in icon #5 MalBus: Popular South

Continue reading Android Security Monthly Recap #2 | February 2019

Android Clipper found on Google Play | video demo

The first Android Trojan Clipper – that exchanges cryptocurrency address in copied clipboard – was discovered on Google Play. Android Clipper targeted Bitcoin and Ethereum cryptocurrency addresses when being copied in to clipboard and replaced them with the attacker’s wallet address. Once this transaction is sent, it can not be canceled. Functionality In the video

Continue reading Android Clipper found on Google Play | video demo

Fake cryptocurrency wallets found on Play Store

Attackers are not only interested in mobile banking credentials and credit cards information to get access to victim’s funds, but also in cryptocurrency. Recently, I found four fake applications on Google Play Store that tried to trick users either in to luring their credentials or impersonating cryptocurrency wallets. These threats imitate legitimate services for NEO,

Continue reading Fake cryptocurrency wallets found on Play Store

Malware discovered on Google Play with over 5,000 installs was available to download for almost a year

I found a Trojan on Play Store available for download almost for a year. Its malicious functionality was hidden inside “Simple Call Recorder” application published by “FreshApps Group”. The main purpose was to download an additional app and trick the user into installing it as Flash Player Update. Simple Call Recorder was uploaded on Google

Continue reading Malware discovered on Google Play with over 5,000 installs was available to download for almost a year

Video analysis of Android banking Trojan found on Google Play

Android threat that steals victim login credentials for mobile banking applications was recently found on Google Play. App “Easy Rates Converter” was available on the Store for six days and downloaded over 500 times before it was removed. This Trojan lures victims into inserting their login credentials for social media, mobile banking and cryptocurrency apps.

Continue reading Video analysis of Android banking Trojan found on Google Play

Android banking malware found on Google Play with over 10,000 installs targets Brazil

New Android malware banking family was recently found targeting users from Brazil. Trojans are distributed not only through Google Play store but also on Facebook through promoted ads. Android banker impersonates a performance improving app called “Clean Droid” with over 500 installs, a Facebook monitor app “Quem viu teu perfil” with over 10,000 installs and

Continue reading Android banking malware found on Google Play with over 10,000 installs targets Brazil

Trending app from Google Play has no other functionality than displaying ads

I found over 50 malicious apps on Play Store with all together over 350,000 installs. Some of these apps are already removed from market place but many of them are still available to download. Apps has been on the Store for the last couple of months. Most of these apps are designed for kids as

Continue reading Trending app from Google Play has no other functionality than displaying ads