“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps


Microsoft discovered a path traversal-affiliated vulnerability pattern in multiple popular Android applications that could enable a malicious application to overwrite files in the vulnerable application’s home directory.

The implications of this vulnerability pattern include arbitrary code execution and token theft, depending on an application’s implementation. Arbitrary code execution can provide a threat actor with full control over an application’s behavior. Meanwhile, token theft can provide a threat actor with access to the user’s accounts and sensitive data.

Read more…
Source: Microsoft


Sign up for our Newsletter


Related:

  • Attack Surface Of The Ubiquiti Connect EV Station

    December 5, 2023

    The Ubiquiti Connect EV Station is a Level 2 charging station for electric vehicles. The EV Station is meant to be managed by a Ubiquiti management platform running the UniFi OS Console, such as the Ubiquiti Dream Machine or Cloud Gateway. Users can also use the iOS or Android UniFi Connect mobile apps to configure the EV ...

  • Spyware Employs Various Obfuscation Techniques to Bypass Static Analysis

    November 29, 2023

    With the surging popularity of mobile applications, the landscape of cybersecurity is encountering increasingly intricate and discreet forms of malicious software. One common strategy in the realm of cybersecurity is code obfuscation. This practice involves the deliberate alteration of various elements within the code, such as variables, functions, and class names, rendering them virtually indecipherable. This ...

  • Türkiye’s MIT saves Palestinian Iron Dome hacker from Mossad hit

    November 22, 2023

    Türkiye’s National Intelligence Organization (MIT) saved Omar A. from possible death or abduction in an international operation and offered him protection as the renowned Palestinian hacker was targeted by Mossad in Türkiye and Malaysia. The young man credited with hacking into Israel’s notorious Iron Dome air defense system was sought by Israel for a long time. ...

  • Social engineering attacks lure Indian users to install Android banking trojans

    November 20, 2023

    Microsoft has observed ongoing activity from mobile banking trojan campaigns targeting users in India with social media messages designed to steal users’ information for financial fraud. Using social media platforms like WhatsApp and Telegram, attackers are sending messages designed to lure users into installing a malicious app on their mobile device by impersonating legitimate organizations, such ...

  • Zero-days for hacking WhatsApp are now worth millions of dollars

    October 5, 2023

    Thanks to improvements in security mechanisms and mitigations, hacking cell phones — both running iOS and Android — has become an expensive endeavor. That’s why hacking techniques for apps like WhatsApp are now worth millions of dollars, TechCrunch has learned. Last week, a Russian company that buys zero-days — flaws in software that are unknown to ...

  • A cryptor, a stealer and a banking trojan

    September 28, 2023

    Last month Kaspersky researchers covered a wide range of cybercrime topics. For example, Kaspersky published a private report on a new malware found on underground forums that they call ASMCrypt (related to the DoubleFinger loader). But there’s more going on in the cybercrime landscape, so the researchers also published reports on new versions of the Lumma ...