Vulnerabilities in apps are always a cause for concern, especially when said apps handle sensitive information, particularly financial. We examined two popular in-app payment (IAP) SDKs—Google Wallet and the Chinese payment platform Alipay—and discovered that these contain a vulnerability that can be exploited for phishing attacks. The versions we analyzed were Google IAP versions 2…
Read MoreWeichao Sun
Mobile Threats Analyst
We have previously discussed an Android vulnerability that may lead to user data being captured or used to launch attacks. We discovered that the popular Android app for Evernote contained the said vulnerability. We disclosed the details to Evernote, and they took action by issuing an update to the Android version of their app. Evernote has added additional…
Read MoreAlipay is a popular third-party payment platform in China that is operated by Alibaba, one of the biggest Internet companies in China. We recently found two vulnerabilities in their Android app that could be exploited by an attacker to carry out phishing attacks to steal Alipay credentials. We disclosed the said vulnerabilities to Alipay; they…
Read MoreThe recent introduction of ransomware in the mobile threat landscape was followed by a new development: the usage of TOR to hide C&C communication. In our analysis samples we now detect as AndroidOS_Locker.HBT, we found that this malware shows a user interface that notifies the user that their device has been locked down, and that they need to pay…
Read MoreWe’ve recently found a vulnerability in certain Android apps that may leave user data at risk of being captured or being used to launch attacks. The two affected apps we investigated are both highly popular: The productivity app has at least 10M installs and hundred thousands of customer reviews based on their download page The…
Read More