Android

Pierluigi Paganini September 06, 2022
A new Android malware used to spy on the Uyghur Community

Experts spotted new Android spyware that was used by China-linked threat actors to spy on the Uyghur community in China. Researchers from Cyble Research & Intelligence Labs (CRIL) started their investigation after MalwareHunterTeam experts shared information about a new Android malware used to spy on the Uyghur community. The malware disguised as a book titled “The China […]

Pierluigi Paganini September 01, 2022
1,859 Android and iOS apps were containing hard-coded Amazon AWS credentials

Researchers discovered 1,859 Android and iOS apps containing hard-coded Amazon Web Services (AWS) credentials. Researchers from Broadcom Symantec’s Threat Hunter team discovered 1,859 Android and iOS apps containing hard-coded Amazon Web Services (AWS) credentials that allowed access to private cloud services. The experts pointed out that most of the apps containing hard-coded Amazon Web Services […]

Pierluigi Paganini August 31, 2022
A flaw in TikTok Android app could have allowed the hijacking of users’ accounts

Microsoft discovered a vulnerability in the TikTok app for Android that could lead to one-click account hijacking. Microsoft researchers discovered a high-severity flaw (CVE-2022-28799) in the TikTok Android app, which could have allowed attackers to hijack users’ accounts with a single click. The experts state that the vulnerability would have required the chaining with other […]

Pierluigi Paganini August 17, 2022
Bugdrop dropper includes features to circumvent Google’s security Controls

Researchers have discovered a previously undocumented Android dropper, dubbed BugDrop, that’s still under development. Recently, researchers from ThreatFabric discovered a previously undetected Android dropper, dubbed BugDrop, which is under active development and was designed to bypass security features that will be implemented in the next release of the Google OS. The experts noticed something unusual in the […]

Pierluigi Paganini August 15, 2022
SOVA Android malware now also encrypts victims’ files

Security researchers from Cleafy reported that the SOVA Android banking malware is back and is rapidly evolving. The SOVA Android banking trojan was improved, it has a new ransomware feature that encrypts files on Android devices, Cleafy researchers report. The malware has been active since 2021 and evolves over time. The latest version of the […]

Pierluigi Paganini July 31, 2022
17 Android Apps on Google Play Store, dubbed DawDropper, were serving banking malware

The researchers discovered over a dozen Android Apps on Google Play Store, collectively dubbed DawDropper, that were dropping Banking malware. Trend Micro researchers uncovered a malicious campaign that leveraged 17 seemingly harmless Android dropper apps, collectively tracked as DawDropper, on the Google Play Store to distribute banking malware. The DawDropper apps are masqueraded as productivity and utility apps such […]

Pierluigi Paganini June 20, 2022
BRATA Android Malware evolves and targets the UK, Spain, and Italy

The developers behind the BRATA Android malware have implemented additional features to avoid detection. The operators behind the BRATA Android malware have implemented more features to make their attacks stealthy. The malware was first spotted in 2019 by security experts at Kaspersky, the name BRAT comes from ‘Brazilian RAT Android,’ because at the time it was used to […]

Pierluigi Paganini June 16, 2022
Malicious apps continue to spread through the Google Play Store

Researchers at antivirus firm Dr. Web discovered malware in the Google Play Store that was downloaded two million times. An investigation conducted by the antivirus firm Dr. Web in May resulted in the discovery of multiple adware and information-stealing malware on the official Google Play Store. However, the experts warn that info-stealing Trojans are the […]

Pierluigi Paganini May 27, 2022
Android pre-installed apps are affected by high-severity vulnerabilities

Microsoft found several high-severity vulnerabilities in a mobile framework used in pre-installed Android System apps. The Microsoft 365 Defender Research Team discovered four vulnerabilities (CVE-2021-42598, CVE-2021-42599, CVE-2021-42600, and CVE-2021-42601) in a mobile framework, owned by mce Systems, that is used by several mobile carriers in pre-installed Android System apps. The researchers discovered the flaws in September 2021 and […]

Pierluigi Paganini May 23, 2022
Cytrox’s Predator spyware used zero-day exploits in 3 campaigns

Google’s Threat Analysis Group (TAG) uncovered campaigns targeting Android users with five zero-day vulnerabilities. Google’s Threat Analysis Group (TAG) researchers discovered three campaigns, between August and October 2021, targeting Android users with five zero-day vulnerabilities. The attacks aimed at installing the surveillance spyware Predator, developed by the North Macedonian firm Cytrox. The five 0-day vulnerabilities […]