We recently discussed both the backdoor-like behavior of the Moplus SDK and the related Wormhole vulnerability. Because the Moplus SDK was developed by Baidu and not publicly accessible, we initially thought the problem was limited to Baidu apps. Our latest research suggests that popular non-Baidu apps are also affected. The growing impact Our scanning identified more than 14,000…Read More
A vulnerability known as Wormhole that reportedly affected the software development kit (SDK), Moplus by Baidu is making waves due to the severity of the impact once successfully exploited. The said vulnerability was discovered by WooYun.og, a vulnerability reporting platform in China.Read More
Sex sells, and nowhere is that more true than the Chinese mobile landscape. Porn-themed malware has been hitting Android users in China, Japan, and Taiwan in recent weeks.
These malicious apps are distributed via SEO-optimized fake websites, with keywords targeting hot scandals and affairs used. These sites pretend to be porn video websites, and all lead to various malicious apps being downloaded.Read More
The discovery of the first Stagefright vulnerability last July is turning out to be just the beginning of many security concerns for Android users. The latest Nexus security bulletin released earlier this month includes updates for 15 remote code execution vulnerabilities related to libstagefright, all tagged as critical. We discovered four of the mentioned vulnerabilities…Read More