Combatting Cybercrime against Mobile Devices
This paper examines cybercrime against consumer mobile devices and their users in the UK
https://www.rusi.org/explore-our-research/publications/insights-papers/combatting-cybercrime-against-mobile-devices
Albiriox Exposed: A New RAT Mobile Malware Targeting Global Finance and Crypto Wallets
https://www.cleafy.com/cleafy-labs/albiriox-rat-mobile-malware-targeting-global-finance-and-crypto-wallets
Albiriox is a newly identified Android malware family offered as Malware-as-a-Service, enabling threat actors (TAs) to perform On-Device Fraud through remote control, screen manipulation, and real-time interaction with the infected device.
IPAtool - command-line tool for searching and downloading iOS apps (known as ipa files) from the App Store
https://github.com/majd/ipatool
Charging cable that hacks your device
Once plugged in, it can:
- detect the OS,
- inject keystrokes,
- be controlled over Wi-Fi,
- create remote shell access without a network connection on the target
https://www.mobile-hacker.com/2025/12/01/plug-play-pwn-hacking-with-evil-crow-cable-wind/
Plug, Play, Pwn: Hacking with Evil Crow Cable Wind
It's a tiny hacking implant hidden inside a cable. Plug it into a computer, and it pretends to be a keyboard. Then it starts typing, fast. We're talking up to 1,000 keystrokes per minute, all automated.
Reverse engineering Bluetooth on Amazon Kindle eReaders
https://sighery.com/posts/reverse-engineering-bluetooth-on-kindle-ereaders/
A journey of learning C and reverse engineering to be more efficiently lazy
[Beginners] All About Android Pentesting: A Complete Methodology
https://xcheater.medium.com/all-about-android-pentesting-f047b7c7e0f1
Complete Android application security testing guide: Static & dynamic testing, root detection bypass, SSL pinning, and common vuln...
Cybercrime group GoldFactory: Distributed at least 27 legitimate banking apps injected with malicious code, targeting users in Indonesia, Vietnam, and Thailand
https://www.group-ib.com/blog/turning-apps-into-gold/
Hook for Gold: Inside GoldFactory's Campaign That Turns Apps Into Goldmines
A deep dive into GoldFactory's evolving mobile fraud campaigns across APAC, including modified banking apps, new malware variants such as Gigaflower, shared criminal infrastructure, and insights from the Group-IB Fraud Matrix, with recommendations for organizations...
SEEDSNATCHER : Dissecting an Android Malware Targeting Multiple Crypto Wallet Mnemonic Phrases
https://www.cyfirma.com/research/seedsnatcher-dissecting-an-android-malware-targeting-multiple-crypto-wallet-mnemonic-phrases/
Mobile Forensics: Extracting data from WhatsApp on an already rooted device, or using Cellebrite to gain elevated privileges
https://hackers-arise.com/mobile-forensics-extracting-data-from-whatsapp/
Return of ClayRat: Expanded Features and Techniques
https://zimperium.com/blog/return-of-clayrat-expanded-features-and-techniques
New FvncBot Android banking trojan targets Poland
https://www.intel471.com/blog/new-fvncbot-android-banking-trojan-targets-poland
Careless Whisper: Exploiting Silent Delivery Receipts to Monitor Users on Mobile Instant Messengers
PoC: https://github.com/Cfomodz/whatsmap
Paper: https://arxiv.org/html/2411.11194v4
New Android In-Call Scam Protection Pauses Calls for 30 Seconds When Using Financial Apps
https://security.googleblog.com/2025/12/android-expands-pilot-in-call-scam-protection-financial-apps.html
Android expands pilot for in-call scam protection for financial apps
Posted by Aden Haussmann, Associate Product Manager, and Sumeet Sharma, Play Partnerships Trust & Safety Lead. Android uses the best of Goo...
How Ads Infect Phones Without a Click by Intellexa
https://securitylab.amnesty.org/latest/2025/12/intellexa-leaks-predator-spyware-operations-exposed/
https://www.recordedfuture.com/research/intellexas-global-corporate-web
https://cloud.google.com/blog/topics/threat-intelligence/intellexa-zero-day-exploits-continue
To Catch a Predator: Leak exposes the internal operations of Intellexa's mercenary spyware - Amnesty International Security Lab
Drawing on leaked internal company documents, sales and marketing material, as well as training videos, the "Intellexa Leaks" investigation gives a never-before-seen glimpse of the internal operations of a mercenary spyware company focused on exploiting vulnerabilities...
FuzzMe - MobileHackingLab CTF Challenge WriteUp
https://hackmd.io/@sal/fuzzme-mobilehackinglab-ctf-writeup
Inside BTMOB: An Analytical Breakdown of a Leaked Android RAT Ecosystem
https://www.d3lab.net/inside-btmob-an-analytical-breakdown-of-a-leaked-android-rat-ecosystem/
This article provides an inside look into the leaked BTMOB ecosystem, a highly capable Android RAT marketed to cybercriminals as a commercial surveillance platform. By examining the leaked development files, server components, and operator tools, we uncover...
DroidLock Hijacks Your Device
https://zimperium.com/blog/total-takeover-droidlock-hijacks-your-device
Google Project Zero breaks down a 0-click Android exploit that hijacked Samsung phones via a malicious DNG image, originally flagged by Unit 42.
Patched in April 2025 (CVE-2025-21042)
https://googleprojectzero.blogspot.com/2025/12/a-look-at-android-itw-dng-exploit.html
A look at an Android ITW DNG exploit
Introduction: Between July 2024 and February 2025, 6 suspicious image files were uploaded to VirusT...
Security flaws in Freedom Chat app exposed users' phone numbers and PINs
https://ericdaigle.ca/posts/super-secure-maga-messaging-app-leaks-everyones-phone-number/
ipsw: command-line framework for analyzing Apple firmware and interacting with iOS devices
https://github.com/blacktop/ipsw
iOS/macOS Research Swiss Army Knife