Today we’re releasing our research paper on the operations of the Yanbian Gang—a Chinese cybercriminal group that use mobile malware to siphon off money from account holders of South Korean banks. They are able to transfer up to US$1,600 worth of local currency from victims’ accounts every single day since 2013. This investigation is the result…
Read MoreSimon Huang
Mobile Security Engineer
Every Android app comprises of several components, including something called the AndroidManifest.xml file or the manifest file. This manifest file contains essential information for apps, “information the system must have before it can run any of the app’s code.” We came across a vulnerability related to the manifest file that may cause an affected device…
Read MoreA few months back, we discussed the Android Same Origin Policy (SOP) vulnerability, which we later found to have a wider reach than first thought. Now, under the collaboration of Trend Micro and Facebook, attacks are found which actively attempt to exploit this particular vulnerability, whose code we believe was based in publicly available Metasploit code. This attack targets Facebook…
Read MoreIndependent security researcher Rafay Baloch recently disclosed a serious vulnerability in Android’s built-in browser. The vulnerability allows the same origin policy of the browser to be violated. This could allow a dangerous universal cross-site scripting (UXSS) attack to take place. An attacker could potentially use an IFRAME to load a legitimate site for which the…
Read MoreWe have previously discussed about certain file locker apps that fail to hide files properly. We recently came across yet another file locker app, AppLock, which has the same issue. However, the vulnerability concerning this app goes beyond improperly hiding files—the vulnerability can allow other apps to manipulate the app’s configuration files. The configuration files include…
Read More