Tag: android
-
Sturnus Malware Hijacks Signal and WhatsApp, Taking Full Device Control
MTI Security researchers have uncovered a new, particularly advanced Android banking trojan, dubbed Sturnus, that targets users’ financial and personal data with an unprecedented level of device control and operational stealth. Distinct from conventional mobile malware, Sturnus not only supports the typical arsenal of credential theft and whole device takeover but also demonstrates the ability…
-
Sturnus Malware Hijacks Signal and WhatsApp, Taking Full Device Control
MTI Security researchers have uncovered a new, particularly advanced Android banking trojan, dubbed Sturnus, that targets users’ financial and personal data with an unprecedented level of device control and operational stealth. Distinct from conventional mobile malware, Sturnus not only supports the typical arsenal of credential theft and whole device takeover but also demonstrates the ability…
-
New Android malware can capture private messages, researchers warn
The malware can monitor everything displayed on a phone in real time, including contacts, full message threads and the content of encrypted chats, by accessing data after it has been decrypted by legitimate apps. First seen on therecord.media Jump to article: therecord.media/new-android-malware-captures-private-messages
-
Banking-Trojaner: Neue Android-Malware liest verschlüsselte Chats mit
Egal ob Signal, Telegram oder Whatsapp – kein Chat kann sich vor dem Sturnus-Trojaner verstecken. Opfer bemerken den Datenklau nicht. First seen on golem.de Jump to article: www.golem.de/news/banking-trojaner-neue-android-malware-liest-verschluesselte-chats-mit-2511-202408.html
-
New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices
Cybersecurity researchers have disclosed details of a new Android banking trojan called Sturnus that enables credential theft and full device takeover to conduct financial fraud.”A key differentiator is its ability to bypass encrypted messaging,” ThreatFabric said in a report shared with The Hacker News. “By capturing content directly from the device screen after decryption, Sturnus…
-
Multi-threat Android malware Sturnus steals Signal, WhatsApp messages
A new Android banking trojan named Sturnus can capture communication from end-to-end encrypted messaging platforms like Signal, WhatsApp, and Telegram, as well as take complete control of the device. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/multi-threat-android-malware-sturnus-steals-signal-whatsapp-messages/
-
Google Play Store’s privacy practices still confuse Android users
Privacy rules like GDPR and CCPA are meant to help app stores be clearer about how apps use your data. But in the Google Play Store, those privacy sections often leave people … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/20/google-play-store-privacy-practices/
-
Rust Adoption Drives Android Memory Safety Bugs Below 20% for First Time
Google has disclosed that the company’s continued adoption of the Rust programming language in Android has resulted in the number of memory safety vulnerabilities falling below 20% for the first time.”We adopted Rust for its security and are seeing a 1000x reduction in memory safety vulnerability density compared to Android’s C and C++ code. But…
-
Google to flag Android apps with excessive battery use on the Play Store
Google will start taking action on Android apps in the official Google Play store that have high background activity and cause excessive battery draining. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-to-flag-android-apps-with-excessive-battery-use-on-the-play-store/
-
Google backpedals on new Android developer registration rules
Google is backpedaling on its decision to introduce new identity verification rules for all developers, stating that it will also introduce accounts for limited app distribution and will allow users to install apps from unverified devs. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-backpedals-on-new-android-developer-registration-rules/
-
Android Reports Major Drop in Memory Bugs as Rust Adoption Accelerates
Android has shared new insights into how the platform’s long-term shift toward Rust is reshaping both security and software development. The new data reflects a decisive move toward memory safety, and, unexpectedly, faster engineering cycles across the Android ecosystem. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/android-rust-memory-safety-productivity/
-
Android Photo Frame App Infects Devices With Malware, Allows Full Remote Takeover
A recent investigation has uncovered alarming security vulnerabilities in Android-powered digital photo frames, turning what should be a simple home or office gadget into a potent tool for cybercriminals. The findings reveal that apps preinstalled on these smart photo frames not only download and execute malware automatically but can also hand over complete device control…
-
Android-Entwicklerregistrierung: Google rudert ein bisschen zurück
Google plant, dass alle Android-App-Entwickler sich gegenüber dem Unternehmen identifizieren müssen, um die App künftig noch unter zertifizierten Android-Geräten ausführen zu können. Nach massiven Protesten soll es nun eine Ausnahme für “erfahrene Android-Nutzer, die das Risiko von Apps aus unbekannten … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/14/android-entwicklerregistrierung-google-rudert-ein-bisschen-zurueck/
-
Breach Roundup: UK Probes Chinese-Made Electric Buses
Also, North Korean Hackers Remotely Wipe Android Devices. This week, the U.K. government probed Chinese electric buses for a kill switch, APT37 abused Google’s Find Hub in South Korea, Conduent said its January hack will cost it more, Hyundai disclosed a breach and Patch Tuesday. OWASP added two new categories to its Top 10 web…
-
NDSS 2025 Power-Related Side-Channel Attacks Using The Android Sensor Framework
SESSION Session 2D: Android Security 1 Authors, Creators & Presenters: Mathias Oberhuber (Graz University of Technology), Martin Unterguggenberger (Graz University of Technology), Lukas Maar (Graz University of Technology), Andreas Kogler (Graz University of Technology), Stefan Mangard (Graz University of Technology) PAPER Power-Related Side-Channel Attacks using the Android Sensor Framework Software-based power side-channel attacks are a…
-
NDSS 2025 Power-Related Side-Channel Attacks Using The Android Sensor Framework
SESSION Session 2D: Android Security 1 Authors, Creators & Presenters: Mathias Oberhuber (Graz University of Technology), Martin Unterguggenberger (Graz University of Technology), Lukas Maar (Graz University of Technology), Andreas Kogler (Graz University of Technology), Stefan Mangard (Graz University of Technology) PAPER Power-Related Side-Channel Attacks using the Android Sensor Framework Software-based power side-channel attacks are a…
-
Building checksec without boundaries with Checksec Anywhere
Since its original release in 2009, checksec has become widely used in the software security community, proving useful in CTF challenges, security posturing, and general binary analysis. The tool inspects executables to determine which exploit mitigations (e.g., ASLR, DEP, stack canaries, etc.) are enabled, rapidly gauging a program’s defensive hardening. This success inspired numerous spinoffs:…
-
Popular Android-based photo frames download malware on boot
Uhale Android-based digital picture frames come with multiple critical security vulnerabilities and some of them download and execute malware at boot time. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/popular-android-based-photo-frames-download-malware-on-boot/
-
Nach Phishing-Angriff auf Android-User: Hacker nutzen Googles Find Hub, um ihre Spuren zu verschleiern
First seen on t3n.de Jump to article: t3n.de/news/phishing-angriff-android-hacker-find-hub-ausnutzen-1716406/
-
NDSS 2025 MALintent: Coverage Guided Intent Fuzzing Framework For Android
Tags: android, api, conference, framework, google, Internet, network, open-source, oracle, privacy, vulnerabilitySESSION Session 2D: Android Security 1 Authors, Creators & Presenters: Ammar Askar (Georgia Institute of Technology), Fabian Fleischer (Georgia Institute of Technology), Christopher Kruegel (University of California, Santa Barbara), Giovanni Vigna (University of California, Santa Barbara), Taesoo Kim (Georgia Institute of Technology) PAPER MALintent: Coverage Guided Intent Fuzzing Framework for Android Intents are the primary…
-
North Korean APT Uses Remote Wipe to Target Android Users
North Korean hackers are exploiting Google’s Find Hub to wipe Android devices. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/north-korean-apt-uses-remote-wipe-to-target-android-users/
-
North Korean APT Uses Remote Wipe to Target Android Users
North Korean hackers are exploiting Google’s Find Hub to wipe Android devices. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/north-korean-apt-uses-remote-wipe-to-target-android-users/
-
North Korean APT Uses Remote Wipe to Target Android Users
North Korean hackers are exploiting Google’s Find Hub to wipe Android devices. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/north-korean-apt-uses-remote-wipe-to-target-android-users/
-
Kimsuky APT Takes Over South Korean Androids, Abuses KakaoTalk
Konni, a subset of the state-sponsored DPRK cyberespionage group, first exploits Google Find Hub, which ironically aims to protect lost Android devices, to remotely wipe devices. First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/kimsuky-apt-south-korean-androids-abuses-kakaotalk
-
Android Devices Targeted By KONNI APT in Find Hub Exploitation
A new cyber-attack has been observed exploiting Google Find Hub to remotely wipe Android devices, linked to North Korean APTs First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/android-devices-targeted-konni-apt/
-
North Korean spies turn Google’s Find Hub into remote-wipe weapon
KONNI espionage crew covertly abused Google’s Find My Device feature to remotely factory-reset Android phones First seen on theregister.com Jump to article: www.theregister.com/2025/11/11/north_korean_spies_turn_googles/