Mobile cybersecurity channel Links: https://linktr.ee/mobilehacker Contact: mobilehackerofficial@gmail.com
Introduction to Fuzzing Android Native Components: Strategies for Harness Creation
https://blog.convisoappsec.com/en/introduction-to-fuzzing-android-native-components-strategies-for-harness-creation/
Using capa Rules for Android Malware Detection
https://cloud.google.com/blog/topics/threat-intelligence/capa-rules-android-malware-detection/
BTMOB RAT: Newly Discovered Android Malware Spreading via Phishing Sites
https://cyble.com/blog/btmob-rat-newly-discovered-android-malware/
Exploiting the iOS Kernel by Spraying IOSurfaces
https://youtu.be/Y-UI4dEFXFk?si=6UpFUyABAX7htCWn
Frida script to bypass root detection & SSL certificate pinning
https://github.com/0xCD4/SSL-bypass
SparkCat malware: OCR crypto stealers in Google Play and App Store
https://securelist.com/sparkcat-stealer-in-app-store-and-google-play/115385/
Android Tria stealer: malware that exfiltrates data and hijacks accounts
https://securelist.com/tria-stealer-collects-sms-data-from-android-devices/115295/
Vulnerability of hotel room Android kiosk tablets
It was possible to execute ADB commands, unlock the bootloader and possibly escalate privileges to root. It was also possible to pull kiosk apps for reverse engineering and obtain servers (pivot) or hardcoded secrets.
As a result, an attacker could pose as another guest room terminal and control the air conditioning and lights, place orders, display bills, and eavesdrop on chats.
https://devblog.lac.co.jp/entry/20250124
Android malware in DoNot APT operations
https://www.cyfirma.com/research/android-malware-in-donot-apt-operations/
Fully remote (0-click) bug on the Samsung S24 if Google Messages is configured for RCS (the default configuration on this device), as the transcription service decodes incoming audio before a user interacts with the message for transcription purposes. The issue is now fixed.
https://project-zero.issues.chromium.org/issues/368695689
Unidbg to production
https://bhamza.me/blogpost/2024/09/20/unidbg-to-production.html
FireScam: Android information stealing malware with spyware capabilities
https://www.cyfirma.com/research/inside-firescam-an-information-stealer-with-spyware-capabilities/
How to install and run any firmware (Marauder, Bruce, Ghost ESP...) on ESP32 devices without using computer with M5Stick Launcher
https://www.mobile-hacker.com/2024/12/29/run-firmware-anywhere-flexibility-of-m5stick-launcher/
Exploring Marauder, Bruce, and Ghost ESP on Cheap Yellow Device
https://www.mobile-hacker.com/2024/12/23/exploring-marauder-bruce-and-ghost-esp-on-cheap-yellow-device/
First analysis of Apple's USB Restricted Mode bypass (CVE-2025-24200)
https://blog.quarkslab.com/first-analysis-of-apples-usb-restricted-mode-bypass-cve-2025-24200.html
Network Security Issues in RedNote app
https://citizenlab.ca/2025/02/network-security-issues-in-rednote/
Evil Crow RF: A Portable Radio Frequency Device compatible with Flipper Zero Sub-GHz file format
https://www.mobile-hacker.com/2025/02/11/evil-crow-rf-a-portable-radio-frequency-device/
Unpacking the BADBOX Botnet with Censys
https://censys.com/unpacking-the-badbox-botnet/
Mobile Indian Cyber Heist: FatBoyPanel And His Massive Data Breach
https://www.zimperium.com/blog/mobile-indian-cyber-heist-fatboypanel-and-his-massive-data-breach/
Understanding WiFi Karma attacks or how and why devices can auto-reconnect to untrusted networks
https://www.mobile-hacker.com/2025/02/05/hacking-on-the-go-wi-fi-karma-attacks-with-mobile-devices/
Analysis of TrickMo Android malware campaign targeting Poland
https://www.sirt.pl/atak-na-uzytkownikow-androida-falszywa-aplikacja-olx/
USB Army Knife: Close Access Pentest Tool
It is capable of remote keystroke injection, VNC, USB network adapter, EvilAP, Marauder, and microphone recording, and is controlled over a web interface, with a fancy LCD screen.
https://www.mobile-hacker.com/2025/01/24/usb-army-knife-the-ultimate-close-access-penetest-tool/
Analysis of the Autel MaxiCharger Android app to review the attack surface
https://www.zerodayinitiative.com/blog/2025/1/15/reviewing-the-attack-surface-of-the-autel-maxicharger-part-two
Boost Flipper Zero with FEBERIS: 3-in-1 SubGhz, NRF24, and WiFi board
https://www.mobile-hacker.com/2025/01/09/boost-your-flipper-zero-with-feberis-3-in-1-subghz-nrf24-and-wifi-board/
Emulating Android native libraries using unidbg
https://bhamza.me/blogpost/2024/09/10/Emulating-Android-native-libraries-using-unidbg.html
Ultimate iOS (iPhone & iPad) Hardening Guide
https://github.com/martinholovsky/Security-Blueprints/blob/main/iOS-Hardening-Guide.md
Android instrumentation using Frida
https://learnfrida.info/
Android BADBOX Botnet Is Back
https://www.bitsight.com/blog/badbox-botnet-back
Screen recording Android spyware distributed through Amazon Appstore
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/spyware-distributed-through-amazon-appstore/