Over the past two weeks, the White House, Canada, the European Union and several countries in Europe have banned the use of the mobile application TikTok by their members and agencies ..read more

Pradeo's source code analysis and secure coding tool has enabled the discovery of a vulnerability in the code of a popular open source library. Freely available to download by the community, this interface module designed to leave comments contained a flaw that allowed privilege escalation ..read more

A few days ago, criminals were arrested after carrying out a large-scale cyberattack on mobile users in Paris. The attack was characterized by the unexpected use of an espionage tool usually reserved for intelligence services, called IMSI catcher ..read more

Expert view of Caroline BORRIELLO, COO of Pradeo ..read more

On Android and iOS, accessibility features are available to help people use their smartphones: audio comments, subtitles, custom display... Some mobile applications designed with an inclusive approach are compatible with accessibility services ..read more

Introduced for the first time in 2001 under the UNIX system, the ARP protocol (Address Resolution Protocol) enables to establish a communication by associating on a local network the IP address and the MAC address (Media Access Control) of a device. The attack that exploits this protocol, called ARP spoofing or ARP poisoning, enables a hacker to divert the information exchanged on the network to his own computer, mobile, server... Historically targeting computers, this type of attack is just as efficient on mobile devices and IoT ..read more

Over the past few months, developers publishing apps on Google Play and App Store have been required to fill out a new section on data security. It's purpose is to increase transparency by informing users about how apps collect their data and for what purpose. Today, the content of this section is purely declarative and hides serious data exfiltrations. Far from its initial purpose, this section is currently being misused by developers to trick users and silently steal their data ..read more

Pradeo has detected a malicious mobile application currently distributed on Google Play and installed by 100,000+ users. The application embeds anAndroid trojan called Facestealer thatuses social engineering to steal Facebook credentialsand makes connections to a Russian server. Perpetrators leveragingthe spywarehave full access to victims’ Facebook accounts and all data they contain, such as credit card details, conversations, searches, etc. (see full list)  We have alerted the Google Play team of our discovery and we advise users of this app to delete it immediately.  ..read more

Update: The application has finally been removed from Google Play on January 27th, after staying available on the store for 15 days.   Pradeo’s researchers discovered a malicious mobile application called 2FA Authenticator distributed on Google Play and installed by 10K+ users. We identified the application as a trojan-dropper as it is leveraged by cybercriminals to secretly install malware on users’ mobile devices. Our analysis revealed that the dropper automatically installs a malware called Vultur which targets financial services to steal users’ banking information.   Users of th ..read more

As we are looking to help organizations identify the next mobile threats they will face and remain a step ahead of them, the Pradeo team publishes every year its mobile security predictions.  ..read more