40562
Mobile cybersecurity channel Links: https://linktr.ee/mobilehacker Contact: mobilehackerofficial@gmail.com
Frida script to bypass root detection & SSL certificate pinning
https://github.com/0xCD4/SSL-bypass
SparkCat malware: OCR crypto stealers in Google Play and App Store
https://securelist.com/sparkcat-stealer-in-app-store-and-google-play/115385/
Android Tria stealer: malware that exfiltrates data and hijack accounts
https://securelist.com/tria-stealer-collects-sms-data-from-android-devices/115295/
Vulnerability of hotel room Android kiosk tablets
It was possible to execute ADB commands, unlock bootloader and possibly escalate privileges to root. Pull kiosk apps for reverse engineering and obtain servers (pivot) or hardcoded secrets.
As a result attacker could pose as another guest room terminal and control the air conditioning and lights, place orders, display bills, and eavesdrop on chats
https://devblog.lac.co.jp/entry/20250124
Android malware in DoNot APT operations
https://www.cyfirma.com/research/android-malware-in-donot-apt-operations/
Fully-remote (0-click) bug on the Samsung S24 if Google Messages is configured for RCS (the default configuration on this device), as the transcription service decodes incoming audio before a user interacts with the message for transcription purposes. Issue is fixed now.
https://project-zero.issues.chromium.org/issues/368695689
Unidbg to production
https://bhamza.me/blogpost/2024/09/20/unidbg-to-production.html
FireScam: Android information stealing malware with spyware capabilities
https://www.cyfirma.com/research/inside-firescam-an-information-stealer-with-spyware-capabilities/
How to install and run any firmware (Marauder, Bruce, Ghost ESP...) on ESP32 devices without using computer with M5Stick Launcher
https://www.mobile-hacker.com/2024/12/29/run-firmware-anywhere-flexibility-of-m5stick-launcher/
Install and run any firmware (Marauder, Bruce, Ghost ESP...) on ESP32 devices without using computer with M5Stick Launcher
https://www.mobile-hacker.com/2024/12/29/run-firmware-anywhere-flexibility-of-m5stick-launcher/
Exploring Marauder, Bruce, and Ghost ESP on Cheap Yellow Device
https://www.mobile-hacker.com/2024/12/23/exploring-marauder-bruce-and-ghost-esp-on-cheap-yellow-device/
Diving into ADB protocol internals (2/2)
https://www.synacktiv.com/publications/diving-into-adb-protocol-internals-22.html
Discovery of 6 vulnerabilities in one Qualcomm driver and one of the used as In-the-Wild exploit
https://googleprojectzero.blogspot.com/2024/12/qualcomm-dsp-driver-unexpectedly-excavating-exploit.html
WiFi Calling: Revealing Downgrade Attacks and Not-so-private private Keys
https://i.blackhat.com/EU-24/Presentations/EU-24-DabrowskiGegenhuber-WiFi-Calling-Revealing-Downgrade-Attacks.pdf
Unmasking State-Sponsored Mobile Surveillance Malware from Russia, China, and North Korea – Threat Actors, Tactics, and Defense Strategies
https://i.blackhat.com/EU-24/Presentations/EU-24-V2-Islamoglu-Unmasking-State-Sponsored-Mobile-Surveillance.pdf
Mobile Indian Cyber Heist: FatBoyPanel And His Massive Data Breach
https://www.zimperium.com/blog/mobile-indian-cyber-heist-fatboypanel-and-his-massive-data-breach/
Understanding WiFi Karma attacks or how and why devices can auto-reconnect to untrusted networks
https://www.mobile-hacker.com/2025/02/05/hacking-on-the-go-wi-fi-karma-attacks-with-mobile-devices/
Analysis of TrickMo Android malware campaign targeting Poland
https://www.sirt.pl/atak-na-uzytkownikow-androida-falszywa-aplikacja-olx/
USB Army Knife: Close Access Penetest Tool
It is capable of: remote keystroke injection, VNC, USB network adapter, EvilAP, Marauder, record microphone, controlled over web interface with fancy LCD screen
https://www.mobile-hacker.com/2025/01/24/usb-army-knife-the-ultimate-close-access-penetest-tool/
Analysis of Autel MaxiCharger Android app to reviewing the attack surface
https://www.zerodayinitiative.com/blog/2025/1/15/reviewing-the-attack-surface-of-the-autel-maxicharger-part-two
Boost Flipper Zero with FEBERIS: 3-in-1 SubGhz, NRF24, and WiFi board
https://www.mobile-hacker.com/2025/01/09/boost-your-flipper-zero-with-feberis-3-in-1-subghz-nrf24-and-wifi-board/
Emulating Android native libraries using unidbg
https://bhamza.me/blogpost/2024/09/10/Emulating-Android-native-libraries-using-unidbg.html
Ultimate iOS (iPhone & iPad) Hardening Guide
https://github.com/martinholovsky/Security-Blueprints/blob/main/iOS-Hardening-Guide.md
Android instrumentation using Frida
https://learnfrida.info/
Android BADBOX Botnet Is Back
https://www.bitsight.com/blog/badbox-botnet-back
Screen recording Android spyware distributed through Amazon Appstore
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/spyware-distributed-through-amazon-appstore/
Authorities in Serbia used Cellebrite to unlock mobile phones so they could then infect them with NoviSpy Android malware
https://securitylab.amnesty.org/latest/2024/12/a-digital-prison-surveillance-and-the-suppression-of-civil-society-in-serbia/
How to detect ARP spoofing attack using Android app
https://www.mobile-hacker.com/2024/12/16/detect-arp-spoofing-attack-using-android-app/
My other ClassLoader is your ClassLoader: Creating evil twin instances of a class
https://i.blackhat.com/EU-24/Presentations/EU-24-Valsamaras-My-other-classloader.pdf
Vulnerabilities in the eSIM download protocol
http://i.blackhat.com/EU-24/Presentations/EU-24-Ahmed-VulnerabilitiesIneSIM.pdf