@cryptax | Inside Sinchat Flutter riskware | In this blog post, we analyze 2 borderline Flutter apps. As I’ll explain in conclusion, they are not malicious but expose borderline/risky… | May 24
@cryptax | Testing Restricted Settings of Android 13 on an emulator | Android 13 introduced a new security measure called “Restricted Settings”. The measure is meant to limit access to notification settings… | Apr 4
@cryptax | Phishing attempt on French e-tolls | Yesterday, I received a well-crafted phishing attempt email targeting users of a French e-toll company. While this email contains no mobile… | Mar 21
@cryptax | What makes a good CTF challenge? | A Capture The Flag (CTF) challenge is a specific task or problem designed to test participants’ skills in various areas of cyber-security… | Mar 18
@cryptax | Android/SpyNote bypasses Restricted Settings + breaks many RE tools | Today, I reversed an Android spyware with multiple tricks. The malware has been discovered by @malwrhunterteam 2 days ago. | Feb 19
@cryptax | A simple infostealer for beginners | Most Android malware are packed and obfuscated nowadays. From time to time, it’s nice to reverse a simple one 😆. This one was found at the… | Feb 9
@cryptax | Android/Phoenix authors, claims, sample identification and trends | The Android/Phoenix botnet (see reverse engineering post here) was advertised underground in May 2023, and on GitHub and Telegram. The… | Feb 8
@cryptax | Reverse engineering of Android/Phoenix | Android/Phoenix is a malicious Remote Access Tool. Its main goal is to extensively spy on the victim’s phone (grab all screenshots, steal… | Feb 6
@cryptax | Organizing malware analysis with Colander: example on Android/WyrmSpy | When I analyze a malware, I keep side by side an ugly text file where I write down my reversing notes. Unfortunately, my notes are usually… | Dec 18, 2023
@cryptax | Bad Zip and new Packer for Android/BianLian | I got my hands on a new sample of Android/BianLian (sha256: 0070bc10699a982a26f6da48452b8f5e648e1e356a7c1667f393c5c3a1150865), a banking… | Dec 14, 2023