HackDig : Dig high-quality web security articles for hacker

Premium SMS malware EXPENSIVEWALL infected millions of Android handsets

Google removed 50 malicious apps from the official Play Store after experts discovered a new malware, dubbed ExpensiveWall, eluded Google Bouncer checks. Google has removed 50 malicious apps from the official Play Store after experts with security firm Check Point discovered a new malware, dubbed ExpensiveWall,  eluded the checks of the Google’s Bounce
Publish At:2017-09-15 16:40 | Read:344 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile Android ExpensiveWa

BankBot Found on Google Play and Targets Ten New UAE Banking Apps

By Kevin Sun The Android-targeting BankBot malware (all variants detected by Trend Micro as ANDROIDOS_BANKBOT) first surfaced January of this year and is reportedly the improved version of an unnamed open source banking malware that was leaked in an underground hacking forum. BankBot is particularly risky because it disguises itself as legitimate banking app
Publish At:2017-09-13 15:50 | Read:287 | Comments:0 | Tags:Malware Mobile android bankbot google play

Billions of mobile, desktop and IoT devices potentially exposed to BlueBorne Attack

Billions of mobile, desktop and IoT devices that use Bluetooth may be exposed to a new remote attack, even without any user interaction and pairing. The unique condition for BlueBorne attacks is that targeted devices must have Bluetooth enabled. The new attack technique, dubbed BlueBorne, was devised by experts with Armis Labs. Researchers have discovered a
Publish At:2017-09-13 09:25 | Read:198 | Comments:0 | Tags:Breaking News Hacking Mobile BlueBorne attack Bluetooth hack

Toast Overlay attacks, a Cloak and Dagger with No Permissions, fixed by Google

Google just fixed a high-severity Android vulnerability, tracked as CVE-2017-0752, that ties with the Toast Overlay attacks. Security researchers with Palo Alto Networks Unit 42, warned of a high-severity Android vulnerability, tracked as CVE-2017-0752, that ties with the “toast attack” overlay vulnerability. The experts reported that it is possible to abuse
Publish At:2017-09-11 20:31 | Read:268 | Comments:0 | Tags:Breaking News Hacking Mobile Android CVE-2017-0752 mobile To

DolphinAttack – Hackers control Siri, Google Now, Alexa voice assistants with ultrasound

The DolphinAttack technique allows hackers to control Siri, Google Now, Alexa and other voice assistants with commands in ultrasonic frequencies. A team of researchers from the Chinese Zhejiang University has demonstrated how to control several popular speech recognition systems using ultrasound. The attack technique was dubbed ‘DolphinAttack’, i
Publish At:2017-09-08 11:05 | Read:297 | Comments:0 | Tags:Breaking News Hacking Mobile DolphinAttack mobile

WikiLeaks revealed Project Protego, a secret CIA Missile Control System Project for fighters

WikiLeaks has published a new batch of documents that details the Project Protego, a secret CIA Missile Control System Project for fighters Another week, another batch of CIA Vault7 leaks was published by Wikileaks. This time the documents provide details about the Project Protego, a CIA Secret Missile Control System. WikiLeaks published four secret docume
Publish At:2017-09-07 16:17 | Read:282 | Comments:0 | Tags:Breaking News Data Breach Intelligence CIA cyber espionage H

CVE-2017-0780: Denial-of-Service Vulnerability can Crash Android Messages App

by Jason Gu and Seven Shen Just about anyone can appreciate a good old meme GIF every now and then, but what if one caused your Android Messages to crash? A denial-of-service vulnerability we recently disclosed to Google can do exactly that and more. Designated as CVE-2017-0780, we’ve confirmed it to be in the latest Nexus and Pixel devices. The security fla
Publish At:2017-09-07 07:30 | Read:578 | Comments:0 | Tags:Mobile Vulnerabilities android Android Messages CVE-2017-078

Boffins found multiple flaws in Mobile Bootloaders using custom tool BootStomp

Boffins have discovered a series of code execution and denial of service flaws in the bootloaders of popular mobile platforms using custom tool BootStomp. A group of nine researchers from the University of California Santa Barbara researchers has discovered a number of code execution and denial of service flaw in the bootloaders of Android chipsets from six
Publish At:2017-09-06 21:45 | Read:375 | Comments:0 | Tags:Breaking News Hacking Mobile Android Bootloaders BootStomp m

Experts discover a new sophisticated malware dubbed xRAT tied to mRAT threat

Researchers at Lookout spotted a new mobile remote access Trojan dubbed xRAT tied to 2014 “Xsser / mRAT” surveillance campaign against Hong Kong protesters. A new mobile remote access Trojan dubbed xRAT includes appears as the evolution of high-profile spyware Xsser / mRAT malware that was first spotted in late 2014 when it was used in a surveillance campaig
Publish At:2017-09-06 01:55 | Read:372 | Comments:0 | Tags:Breaking News Malware Mobile Cybercrime Hacking malware mobi

Google removed almost 300 Android apps involved in DDoS attack

Google removed almost 300 Android apps from the official Play Store after expert at ESET reported they were abused for a DDoS attack. This week Google has removed at least 300 apps from the Official Play Store after learning that apps were being hijacked to power DDoS attacks. “We identified approximately 300 apps associated with the issue, blocked them from
Publish At:2017-09-03 18:25 | Read:313 | Comments:0 | Tags:Breaking News Hacking Malware Mobile Android botnet DDoS Ese

Android Banking Trojan MoqHao targets South Korea users

Security researchers from McAfee have spotted a new Android banking Trojan dubbed MoqHao, targeting South Korean users via SMS phishing messages. Attackers send phishing emails with a malicious code link that tricks victims into believing that it points to a lost private picture or a Chrome update. When victims click on the shortened links in the SMS message
Publish At:2017-08-30 05:45 | Read:460 | Comments:0 | Tags:Breaking News Malware Mobile Android banking trojan MoqHao S

Zimperium researcher released an iOS Kernel Exploit PoC

Zimperium Researcher Adam Donenfeld released an iOS Kernel Exploit PoC that can be used to gain full control of iOS mobile devices. Researcher Adam Donenfeld of mobile security firm Zimperium published a Proof-of-concept (PoC) for recently patched iOS vulnerabilities that can be chained to gain full control of iOS mobile devices. The expert called the PoC ex
Publish At:2017-08-28 14:00 | Read:467 | Comments:0 | Tags:Breaking News Hacking Mobile Apple iOS Kernel Exploit kernel

Popular Sarahah App secretly uploads your phone contacts to the company’s servers

According to a report published by The Intercept, the popular Sarahah app silently uploads users’ phone contacts to the company’s servers. This summer, Sarahah became one of the most popular iPhone apps in the world for both iOS and Android. Sarahah has been created by Saudi Arabian developer Zain al-Abidin Tawfiq, it implements a social network
Publish At:2017-08-28 14:00 | Read:630 | Comments:0 | Tags:APT Digital ID Mobile app permissions mobile privacy Sarahah

Mobile Trojan Development Kits allow creating ransomware without the need to write code

Researchers at Symantec have discovered Trojan Development Kits that allow creating Android ransomware without the need to write code. Ransomware continues to represent a serious threat to users and organizations. Unfortunately, it is easy for crooks arranging their own ransomware campaign by using numerous RaaS services offered online. Recently researchers
Publish At:2017-08-25 15:15 | Read:709 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile Android Hacking mal

WAP-billing Trojan-Clickers on rise

During the preparation of the “IT threat evolution Q2 2017” report I found several common Trojans in the “Top 20 mobile malware programs” list that were stealing money from users using WAP-billing – a form of mobile payment that charges costs directly to the user’s mobile phone bill so they don’t need to register a c
Publish At:2017-08-24 05:50 | Read:338 | Comments:0 | Tags:Mobile Mobile Malware Trojan-clicker WAP

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud