Android Security & Malware

Mobile cybersecurity channel
Links: https://linktr.ee/mobilehacker
Contact: [email protected]

Recent Posts

Google Project Zero breaks down a 0-click Android exploit that hijacked Samsung phones via a malicious DNG image—originally flagged by Unit 42.
Patched in April 2025 (CVE-2025-21042)
https://googleprojectzero.blogspot.com/2025/12/a-look-at-android-itw-dng-exploit.html

DroidLock Hijacks Your Device
https://zimperium.com/blog/total-takeover-droidlock-hijacks-your-device

Inside BTMOB: An Analytical Breakdown of a Leaked Android RAT Ecosystem
https://www.d3lab.net/inside-btmob-an-analytical-breakdown-of-a-leaked-android-rat-ecosystem/

FuzzMe - MobileHackingLab CTF Challenge WriteUp
https://hackmd.io/@sal/fuzzme-mobilehackinglab-ctf-writeup

How Ads Infect Phones Without a Click by Intellexa
https://securitylab.amnesty.org/latest/2025/12/intellexa-leaks-predator-spyware-operations-exposed/
https://www.recordedfuture.com/research/intellexas-global-corporate-web
https://cloud.google.com/blog/topics/threat-intelligence/intellexa-zero-day-exploits-continue

New Android In-Call Scam Protection Pauses Calls for 30 Seconds When Using Financial Apps
https://security.googleblog.com/2025/12/android-expands-pilot-in-call-scam-protection-financial-apps.html

Careless Whisper: Exploiting Silent Delivery Receipts to Monitor Users on Mobile Instant Messengers
PoC: https://github.com/Cfomodz/whatsmap
Paper: https://arxiv.org/html/2411.11194v4

New FvncBot Android banking trojan targets Poland
https://www.intel471.com/blog/new-fvncbot-android-banking-trojan-targets-poland

Return of ClayRat: Expanded Features and Techniques
https://zimperium.com/blog/return-of-clayrat-expanded-features-and-techniques

Mobile Forensics: Extracting Data from WhatsApp on already rooted device or with using Cellebrite to gain elevated privileges
https://hackers-arise.com/mobile-forensics-extracting-data-from-whatsapp/

SEEDSNATCHER : Dissecting an Android Malware Targeting Multiple Crypto Wallet Mnemonic Phrases
https://www.cyfirma.com/research/seedsnatcher-dissecting-an-android-malware-targeting-multiple-crypto-wallet-mnemonic-phrases/

Cybercrime group GoldFactory: Distributed at least 27 legitimate banking apps injected with malicious code, targeting users in Indonesia, Vietnam, and Thailand
https://www.group-ib.com/blog/turning-apps-into-gold/

[Beginners] All About Android Pentesting: A Complete Methodology
https://xcheater.medium.com/all-about-android-pentesting-f047b7c7e0f1

Reverse engineering Bluetooth on Amazon Kindle eReaders
https://sighery.com/posts/reverse-engineering-bluetooth-on-kindle-ereaders/

Charging cable that hacks your device
Once plugged in, it can:
-detect OS,
-inject keystrokes,
-controlled over Wi-Fi,
-create remote shell access without network connection of target
https://www.mobile-hacker.com/2025/12/01/plug-play-pwn-hacking-with-evil-crow-cable-wind/

IPAtool - command line tool that allows you to search and download iOS apps from the App Store, known as an ipa file
https://github.com/majd/ipatool

Albiriox Exposed: A New RAT Mobile Malware Targeting Global Finance and Crypto Wallets
https://www.cleafy.com/cleafy-labs/albiriox-rat-mobile-malware-targeting-global-finance-and-crypto-wallets

Combatting Cybercrime against Mobile Devices
This paper examines cybercrime against consumer mobile devices and their users in the UK
https://www.rusi.org/explore-our-research/publications/insights-papers/combatting-cybercrime-against-mobile-devices

SSL Pinning Bypass – Android
https://hardsoftsecurity.es/index.php/2025/11/26/ssl-pinning-bypass-android/

[beginners] Android Recon for Bug Bounty
Learn how to extract APKs, find hidden endpoints & secrets before exploitation using tools such as:
APKeep, APKTool, apk2url, jadx-gui, MobSF, MARA, Drozer
https://www.yeswehack.com/learn-bug-bounty/android-recon-bug-bounty-guide

See more posts

Open in Telegram