40562
Mobile cybersecurity channel Links: https://linktr.ee/mobilehacker Contact: mobilehackerofficial@gmail.com
'Lucid' Phishing Platform Targets iOS and Android Users with SMS Attacks
https://catalyst.prodaft.com/public/report/lucid/overview
Exposing Crocodilus: New Device Takeover Malware Targeting Android Devices
https://www.threatfabric.com/blogs/exposing-crocodilus-new-device-takeover-malware-targeting-android-devices
PJobRAT makes a comeback, takes another crack at chat apps
https://news.sophos.com/en-us/2025/03/27/pjobrat-makes-a-comeback-takes-another-crack-at-chat-apps/
A Blueprint of Android Activity Lifecycle
https://8ksec.io/a-blueprint-of-android-activity-lifecycle/
Safari 1day RCE Exploit
Confirmed exploit works on macOS 13.3.1, iOS 15.8.2.
https://github.com/wh1te4ever/WebKit-Bug-256172/tree/ios-arm64
Analysis of Paragon’s Graphite Spyware Operations misusing WhatsApp Zero-Click exploit
https://citizenlab.ca/2025/03/a-first-look-at-paragons-proliferating-spyware-operations/
🚨 Android Threat Hunters, Your Job Just Got Easier!
ANY.RUN has just released a brand-new OS designed for real-time Android threat analysis inside a secure sandbox environment.
Now, businesses and security teams can:
✅ Detect Android threats faster
🔍 Investigate APK behavior in real time
⚡ Speed up incident response
💰 Reduce cybersecurity costs
Best part? It’s available for all plans—even FREE users!
👉 Try now: https://goo.su/GH7WO
Android Banking Trojan – OctoV2, masquerading as Deepseek AI
https://labs.k7computing.com/index.php/android-banking-trojan-octov2-masquerading-as-deepseek-ai/
[analysis] PlayPraetor trojan spreads through fake Play Store pages to steal user data
https://cdn.prod.website-files.com/66fbdb04ee8bb0436308fc15/67c83686e642fa846565699c_CTM360%20Report_%20PlayPraetor%20Trojan%20-%20Clear%20TLP.pdf
EvilLoader: Yesterday was published PoC for unpatched vulnerability affecting Telegram for Android.
The exploit has been sold on underground forum since January 2025.✅Don't install external players if requested by received corrupted video file on Telegram.
https://www.mobile-hacker.com/2025/03/05/evilloader-unpatched-telegram-for-android-vulnerability-disclosed/
Trigon: developing a deterministic kernel exploit for iOS
https://alfiecg.uk/2025/03/01/Trigon.html
Long Live The Vo1d Botnet: New Variant Hits 1.6 Million TV Globally
https://blog.xlab.qianxin.com/long-live-the-vo1d_botnet/
Exploiting the iOS Kernel by Spraying IOSurfaces (part 2)
https://youtu.be/Y-UI4dEFXFk
Android trojan TgToxic updates its capabilities
https://intel471.com/blog/android-trojan-tgtoxic-updates-its-capabilities
Bettercap on Android
60-pages guide on how to use bettercap on mobile device
https://www.mobile-hacker.com/2025/02/21/bettercap-on-android-a-portable-network-security-toolkit/
TsarBot: A New Android Banking Trojan Targeting Over 750 Banking, Finance, and Cryptocurrency Applications
https://cyble.com/blog/tsarbot-using-overlay-attacks-targeting-bfsi-sector/
Feberis Pro: I have tested a new 4-in-1 Expansion Board for Flipper Zero
https://www.mobile-hacker.com/2025/03/31/feberis-pro-the-ultimate-4-in-1-expansion-board-for-flipper-zero/
APT36 Mimics India Post Website to Spread Malware to Windows and Android Users
https://www.cyfirma.com/research/turning-aid-into-attack-exploitation-of-pakistans-youth-laptop-scheme-to-target-india/
New Android Malware Campaigns Evading Detection Using Cross-Platform Framework .NET MAUI (new Xamarin)
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/new-android-malware-campaigns-evading-detection-using-cross-platform-framework-net-maui/
Looks like there is a demand for Telegram RCE exploit
https://techcrunch.com/2025/03/21/russian-zero-day-seller-is-offering-up-to-4-million-for-telegram-exploits/
Vapor malware: Hundreds of Malicious Google Play-Hosted Apps Bypassed Android 13 Security With Ease
Blog: https://www.bitdefender.com/en-us/blog/labs/malicious-google-play-apps-bypassed-android-security
PDF report: https://go.integralads.com/rs/469-VBI-606/images/AMER_VAPOR_THREAT_REPORT_IAS.pdf
It works! The first real smartwatch with Wi-Fi injection, capturing a WPA2 handshake! Using Kali NetHunter running Hijacker app on TicWatch Pro 3 smartwatch. All of that is possible thanks to @yesimxev, one of NetHunter developers! Video credits to @yesimxev (X)
https://www.instagram.com/reel/DHK8eahN2IZ/
KoSpy: New Android Spyware was discovered on Google Play Store, operated by North Korea TA and attributed to APT37.
KoSpy app is still available on alternative app stores.
https://www.lookout.com/threat-intelligence/article/lookout-discovers-new-spyware-by-north-korean-apt37
BADBOX 2.0 Targets Consumer Devices with Multiple Fraud Schemes
https://www.humansecurity.com/learn/blog/satori-threat-intelligence-disruption-badbox-2-0/
Mobile malware evolution in 2024
https://securelist.com/mobile-threat-report-2024/115494/
Cellebrite zero-day exploit used to target phone of Serbian student activist to install Android spyware
https://securitylab.amnesty.org/latest/2025/02/cellebrite-zero-day-exploit-used-to-target-phone-of-serbian-student-activist/
nRootTag: 1.5 Billion iPhones Used for Malicious Tracking
nRootTag vulnerability allows remote tracking through Apple's Find My network using Bluetooth technology
https://securityonline.info/nroottag-1-5-billion-iphones-used-for-malicious-tracking/
How to build portable Kali box with Raspberry Pi and Touchscreen
✅installation process
✅install drivers and switch output to touchscreen
✅allow auto-login
✅enable SSH as root
✅setup virtual keyboard
https://www.mobile-hacker.com/2025/02/26/building-a-portable-kali-box-with-raspberry-pi-and-touchscreen/
SpyLend Android malware downloaded 100,000 times from Google Play
https://www.cyfirma.com/research/spylend-the-android-app-available-on-google-play-store-enabling-financial-cyber-crime-extortion/
Qardio Heart Health IOS and Android Application and QardioARM A100
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-044-01