Xiaomi’s Analytics app can install any app on you Android device?

Xiaomi, what are you doing? The security researcher Thijs Broenink has reversed the app AnaliticsCore, that comes preinstalled on his Xiaomi Mi4, and found that this app checks for a new update from the company’s official server every 24 hours. With these request to http://sdkconfig.ad.xiaomi.com/api/checkupdate/lastusefulversion, the app sends device identification information with it, like IMEI, Model,…

Automated Android Malware Analysis with CuckooDroid

Mechanical Bird! Cuckoo Sandbox is a famous Open Source software for automating analysis of suspicious files. CuckooDroid is an extension that brings to Cuckoo the capabilities of execution and analysis of android applications. Developed by Idan Revivo and Ofer Caspi, CuckooDroid provides both static and dynamic APK inspection as well as evading certain VM-detection techniques,…

New Android vulnerability affects over 900 million Qualcomm devices

Yep! Another vulnerability in Qualcomm devices, dubbed “QuadRooter”, was disclosed by Check Point in a session at DEF CON 24 in Las Vegas QuadRooter is a set of four vulnerabilities discovered in devices running Android Marshmallow and earlier that ship with Qualcomm chip could allow an attacker to gain root-level access to device. If exploited, QuadRooter…