Mobile

Pierluigi Paganini August 08, 2023
43 Android apps in Google Play with 2.5M installs loaded ads when a phone screen was off

Experts found 43 Android apps in Google Play with 2.5 million installs that displayed advertisements while a phone’s screen was off. Recently, researchers from McAfee’s Mobile Research Team discovered 43 Android apps in Google Play with 2.5 million installs that loaded advertisements while a phone’s screen was off. The experts pointed out that this behavior […]

Pierluigi Paganini August 04, 2023
Attackers use dynamic code loading to bypass Google Play store’s malware detections

Threat actors rely on the ‘versioning’ technique to evade malware detections of malicious code uploaded to the Google Play Store. Google Cybersecurity Action Team (GCAT) revealed that threat actors are using a technique called versioning to evade malware detection implemented to detect malicious code uploaded to the Google Play Store. The technique is not new […]

Pierluigi Paganini July 20, 2023
Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. The APT41 group, aka Winnti, Axiom, Barium, Blackfly, HOODOO) is a China-linked cyberespionage group that has been active since at least 2007. Researchers at cybersecurity firm […]

Pierluigi Paganini July 11, 2023
Apple issued Rapid Security Response updates to fix a zero-day but pulled them due to a Safari bug

Apple released Rapid Security Response updates for iOS, iPadOS, macOS, and Safari web browser to address an actively exploited zero-day. Apple has released Rapid Security Response updates for iOS, iPadOS, macOS, and Safari web browser to address a zero-day flaw, tracked as CVE-2023-37450, that has been actively exploited in the wild. Tricking the victim into processing specially crafted web content may lead to […]

Pierluigi Paganini July 11, 2023
Cybercriminals Evolve Antidetect Tooling for Mobile OS-Based Fraud

Resecurity identified the emergence of adversarial mobile Android-based Antidetect Tooling for Mobile OS-Based Fraud. Resecurity has identified the emergence of adversarial mobile Android-based tools (called “mobile anti-detects”), like Enclave and McFly, as a new frontier in fraud tradecraft evolution. These tools are used by criminals involved in online-banking theft to impersonate compromised account holders and […]

Pierluigi Paganini July 09, 2023
Two spyware sending data of more than 1.5M users to China were found in Google Play Store

Two apps on the Google Play Store with more than 1.5 million downloads have been discovered spying on users and sending data to China. Researchers from cybersecurity firm Pradeo discovered two malicious apps on Google Play hinding spyware and spying on up to 1.5 million users. Both applications are file management apps from the same […]

Pierluigi Paganini July 08, 2023
Google addressed 3 actively exploited flaws in Android

Google released July security updates for Android that addressed tens of vulnerabilities, including three actively exploited flaws. July security updates for Android addressed more than 40 vulnerabilities, including three flaws that were actively exploited in targeted attacks. “There are indications that the following may be under limited, targeted exploitation.” reads the security bulletin. The CVE-2023-26083 is […]

Pierluigi Paganini July 04, 2023
Neo_Net runs eCrime campaign targeting clients of banks globally

A Mexican threat actor that goes online with the moniker Neo_Net is behind an Android malware campaign targeting banks worldwide. A joint study conducted by vx-underground and SentinelOne recently revealed that a Mexican threat actor that goes online with the moniker Neo_Net is behind an Android malware campaign targeting financial institutions worldwide. The case was […]

Pierluigi Paganini June 29, 2023
The phone monitoring app LetMeSpy disclosed a data breach

Android app LetMeSpy disclosed a security breach, sensitive data associated with thousands of Android users were exposed. The phone monitoring app LetMeSpy disclosed a security breach, threat actors have stolen sensitive data associated with thousands of Android users, including messages, locations, call logs, e-mail addresses, and telephone numbers. According to a notice published by the company, the […]

Pierluigi Paganini June 22, 2023
Apple addressed actively exploited zero-day flaws in iOS, macOS, and Safari

Apple rolled out security updates to address actively exploited zero-day flaws in iOS, iPadOS, macOS, watchOS, and Safari. Apple addressed a set of vulnerabilities in iOS, iPadOS, macOS, watchOS, and the Safari browser that were actively exploited in the wild. The IT giant addressed the zero-day vulnerabilities, tracked as CVE-2023-32434 and CVE-2023-32435, exploited as part […]