Skip to Content

EarSpy eavesdrop attack on Android

Updated on 2022-12-29: EarSpy attack Academics from several US universities have developed a new attack called EarSpy that can eavesdrop on Android conversations and other audio using the devices’ built-in motion sensors, such as the accelerometer. Read more: EarSpy: Spying Caller Speech and Identity through Tiny Vibrations of Smartphone Ear Speakers Overview Academic researchers from …

Read More about EarSpy eavesdrop attack on Android

Godfather Android banking trojan

Updated on 2022-12-21: Godfather Android banking trojan Group-IB researchers have an analysis of Godfather, an Android banking trojan built on top of the old Anubis trojan. Godfather currently contains modules to target the customers of 215 banks, 94 crypto wallets, and 110 crypto exchange platforms. The trojan has been active since June 2021. Read more: …

Read More about Godfather Android banking trojan

Android Platform Certificates Stolen, Used to Sign Malicious Apps

Updated on 2022-12-04: Android phone makers’ encryption keys used in malware It’s never good when private keys are leaked or stolen, but even worse when they’re reused for malware. But that’s what happened with Android device makers Samsung and LG. @maldr0id found that “platform certificates” used to verify legitimate third-party Android system apps developed by …

Read More about Android Platform Certificates Stolen, Used to Sign Malicious Apps

Samsung, MediaTek, and other Android platform certs were leaked and used to sign malware

Platform certificates from major Android vendors and software makers have leaked and were used to sign malware, the Android Security Team discovered last month. Platform certificates are digital certificates used by Android OEMs and ODMs to sign versions of the Android OS they deploy on their devices, their firmware, and official vendor apps they might …

Read More about Samsung, MediaTek, and other Android platform certs were leaked and used to sign malware

Predatory lending apps

Updated on 2022-12-01: Predatory lending apps Mobile security firm Lookout found 251 Android and 35 iOS lending apps that engaged in predatory and abusive behavior toward their users. The apps offered users loans but, in return, requested access to excessive permissions and personal user information, such as contacts, local files, and SMS messages. The apps …

Read More about Predatory lending apps

Schoolyard Bully Android Trojan

Updated on 2022-12-01 Schoolyard Bully Mobile security firm Zimperium said it discovered a new Android trojan named Schoolyard Bully that has been active since 2018. Disguised as educational apps in both the Google Play Store and other third-party app stores, this malware has been downloaded more than 300,000 times across 71 countries. Zimperium says the …

Read More about Schoolyard Bully Android Trojan

SharkBot banking trojan malware

Updated on 2022-11-22 Antivirus maker Bitdefender said it identified four Android apps on the official Play Store acting as downloaders for the SharkBot banking trojan. The apps were file managers but also contained malicious code to help deploy malware on a user’s device after their Play Store installation. Read more: Android SharkBot Droppers on Google …

Read More about SharkBot banking trojan malware

Android and memory-safe languages

Updated on 2022-12-22: Memory safety The US Congress will require the National Cyber Director to study the use of memory safety languages in the federal government, according to a provision included in the Financial Services and General Government Appropriations Act 2023 [PDF, page 19]. Updated on 2022-12-01: Android and safe languages Google says that Android …

Read More about Android and memory-safe languages

Security researcher lands $70,000 for Google Pixel lock-screen bypass

Updated on 2022-11-13: Security researcher lands $70,000 for Google Pixel lock-screen bypass A vulnerability in all Google Pixel phones allowed anyone to easily bypass the lock screen, according to @xdavidhu. The bug was fixed on November 5 in an Android security update and tracked as CVE-2022-20465. The bug can be exploited with physical access to …

Read More about Security researcher lands $70,000 for Google Pixel lock-screen bypass

MC465552: Office for the web rebrand on Service health and Message center

Updated November 16, 2022: We have updated the rollout timeline below. Thank you for your patience. In October we announced at Microsoft Ignite that the Office app for web (office.com), Windows, iOS, and Android will be rebranded to become the Microsoft 365 app (MC446132). As a continuation of this, the service listings on Service health …

Read More about MC465552: Office for the web rebrand on Service health and Message center

HiddenAds on Google Play Store

Updated on 2022-11-02 A set of four malicious apps, developed by the Mobile apps Group, was found propagating the HiddenAds trojan. The apps have been downloaded over a million times from the Google Play Store. Read more: Malware on the Google Play store leads to harmful phishing sites Updated on 2022-11-01: New malware from the …

Read More about HiddenAds on Google Play Store
Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.