Mobile Security Miscellany

androidsecuritylogoHere are a few recent mobile security related items that don’t seem to have made the mainstream media yet…

  • FireEye have found that a mobile app company is taking control of Android Phones. They have a detailed breakdown and have observed re-packaged apps such as Amazon, Memory Booster, Clean Master, PopBird, YTD Video Downloader, and Flashlight.
  • Hacker News has a story claiming XCodeGhost is similar to that developed by Central Intelligence Agency (CIA).
  • Google have been relatively quiet about their SafetyNet anti-tamper detection, masquerading as a CTS compatibility test. koz.io has a detailed breakdown of what it does and how it works. The article also explains how to call the test from your app. However, as the higher levels of SafetyNet are Java calls, it’s likely that it can be hooked (bypassed) using something like XposedBridge.