MALWARE FILE INFORMATION

File Name: 09024538768--1107749532.apk

Size: 0.12MB

MD5: 65a92baefd41eb8c1a9df6c266992730

SHA1: 117a2bdb1550534c0945dd210c2e9b1e58c50431

SHA256: 60df17a8d53bf179c5025baf9b0fbfc9bdc4cfb483b059ab2c58bfdf375c8c76

App Name: Roblox

Package Name: com.lob.roblox

STATIC ANALYSIS OF THE MALWARE

The above malware was extracted from the mobile network by downloading the malicious application that the subscriber installed on the smartphone.

The application was distributed from the server below:

http://173.255.243.60/public/silent_apk/2059/631023079870014__null__11880__v18_20151127/apk/2019/12/09024538768--1107749532.apk

ANDROID MANIFEST FILE ANALYSIS

Android Manifest

After reading the Manifest, I have noticed the following:

<uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/>

— Gives the application the ability to check the current state of the Wi-Fi.

<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>

— Gives the application the ability to write to external storage.

<uses-permission android:name="android.permission.INTERNET"/>

— Gives the application the ability to connect to the internet and create socks…


The cybersecurity and enterprise worlds have deep knowledge of attacks against computers and servers running Linux or Windows, but not of attacks against mobile operating systems such as Android, iOS and others.

In the digital era, most people use their smartphones to browse the internet, and bring your own device has become the norm in the workplace. These smart devices, however, fall victim to embedded malware developed by skilled hackers who want to extract as much information as possible for their own financial benefit.

Most of the mobile malware creators are interested in the following information from your smartphone:

MSISDN/telephone…



When mobile viruses come up, many people still think they are a myth and that these kinds of viruses do not exist, but they are very common and affect every platform or operating system.

Before explaining which system is most susceptible to virus infections, I will first talk about the operating systems and the security they offer to prevent these viruses.

Android operating system

Android is Google's open-source operating system; Google allows smartphone manufacturers to make changes and customize the appearance of the operating system. …


What is Single Ring Solicitation Fraud (Wangiri Fraud)?

  • Happens when a fraudster uses one or more Premium Rate Numbers or High Tariff numbers to generate a large number of missed calls to a specific range or multiple ranges of MSISDNs belonging to a telecommunications operator. These calling numbers are usually unknown to the subscribers who receive the missed calls.
  • The fraudster generates these Single Ring Solicitation calls expecting the subscribers to return the calls to the Premium Rate Numbers or High Tariff numbers, which generates revenue for the fraudster. Fraud experts therefore conclude that “The motivation behind this fraud is international revenue share fraud”.
Illustration of a Wangiri fraud flow

Analyzing the difference between normal ISUP calls and Single Ring Solicitation calls



Mapping of USSD Top 10 Security Risks

Security should be at the heart of software systems, especially when there is money involved. Mobile money or mobile payment ecosystems that enable the USSD feature are exposed to risks that can affect the credibility of the service and be detrimental to the organization's revenue if they are not taken into account and prevented before a mobile money service is launched. Below are the most prevalent risks for mobile money payments related to USSD and the recommendations to mitigate them.

A cybercriminal can tamper with USSD command requests and responses by conducting man-in-the-middle…



Some of the top 5 technical books I have read — December 2020 to February 2021 edition.

In my quest to become the security professional that I am today, I have learned from multiple sources, and one of these key sources is the technical books that I read, apart from the RFCs, online courses, and of course the articles on Medium published by very skilled security professionals.

I would like to share some of the top 5 technical books and I will continue to share more.

1. Black Hat Python, 1st Edition.

The book is written by Justin and Tim Arnold and foreword by one of…


In the digital era, we find ourselves connected to the internet all the time and from multiple devices. All these connected devices can be compromised by cybercriminals to steal sensitive data such as credit card numbers, passwords, and others.

To increase the level of difficulty for a criminal who seeks to compromise your devices and steal your information, one can adopt the following preventive measures.

1. Enable Automatic Updates By Default

Enabling automatic updates can save you from a lot of trouble. If your devices are not running the latest software, they are vulnerable to multiple attacks that can happen when you browse a website…



SMS PHISHING

SMS phishing is the act of committing text message fraud to try to lure victims into revealing account information or installing malware.

In SMS phishing, cybercriminals use a text message to try to get potential victims to give out personal information. The text message, which typically contains a link to a fake website that looks identical to the legitimate site, asks the recipient to enter personal information. Fake information is often used to make the texts appear to be from a legitimate organization or business.

Due to the rapid adoption of smartphones and smartphones are the primary computing platform for…

Josue Martins

Interested in Mobile Application Security, IoT Security, Mobile Device and Telecom Security. https://twitter.com/movcx5 https://www.linkedin.com/in/josuemartins/
