Android Archives | Insecure Lab

TrueCaller Bug – Automatically Creating UPI Accounts Without Users Consent

15-September-201918-April-2020Prasanna Sherekar

In a nightmare for thousands of TrueCaller users in India, a so-called bug automatically created their Unified Payments Interface (UPI) accounts with the ICICI Bank without their consent, triggering panic and hacking fears. The affected users received an SMS from ICICI Bank, saying – “Your registration for UPI app has started. If it was not […]

WhatsApp – Message Handler Vulnerability Allows to Remotely Crash

1-December-201418-April-2020Prasanna Sherekar

A Vulnerability has been discovered in the wildly popular messaging app WhatsApp, which allows anyone to remotely crash WhatsApp just by sending a specially crafted message, two security researchers reported. Two India based independent security researchers, Indrajeet Bhuyan and Saurav Kar, both 17-year old demonstrated the WhatsApp Message Handler vulnerability. In a video demonstration, they […]

Android WebView Exploit Allows Hackers to Install Malicious Apps

16-September-201318-April-2020Prasanna Sherekar

There’s a vulnerability that affects WebView control in Android applications installed on Android devices running versions older than 4.2. This vulnerability makes a large number of Android applications act as a hacker pipeline into user’s devices and provides a way to install malicious software, send SMSs and more. WebView allows the user to view a […]

Android Malware Exploiting Google Cloud Messaging Service

14-August-201317-August-2013Prasanna Sherekar

Researchers have discovered a number of malicious Android apps are using Google’s Cloud Messaging (GCM) service and leveraging it as a command and control server to carry out attacks. A post on Securelist today by Kaspersky Lab’s Roman Unuchek, breaks down five Trojans that have been spotted checking in with GCM after launching. Trojan-SMS.AndroidOS.FakeInst.a Trojan-SMS.AndroidOS.Agent.ao […]

Android Clickjacking Rootkit Demonstrated

5-July-20128-July-2012Prasanna Sherekar

A team of security researchers have demonstrated how a security flaw in Android 4.0.4 can be exploited by a clickjacking rootkit. The research team is lead by North Carolina State University professor Xuxian Jiang, who succeeded in developing a proof-of-concept rootkit that attacks the Android framework as opposed to the underlying operating system kernel. The […]

Wifi Protector – Protect Your Android From Wi-Fi Sniffing Attacks

5-February-201219-February-2012Prasanna Sherekar

Detects and protects from all kinds of ARP (Address Resolution Protocol) related attacks in Wi-Fi networks, like DOS (Denial Of Service) or MITM (Man In The Middle) Attack. Protects your phone from tools like FaceNiff, Cain & Abel, ANTI, ettercap, DroidSheep, NetCut, and all others that try to hijack your session via MITM through ARP […]