all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Reverse engineering of Android/Phoenix

Add to bookmarks
Feb. 6, 2024, 3:41 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Android/Phoenix is a malicious Remote Access Tool. Its main goal is to extensively spy on the victim’s phone (grab all screenshots, steal the unlock gesture etc). The attacker controls the infected phone via various predefined commands sent on a websocket.

This blog post contains the reverse engineering of sample 6485ead2248298b48d4e677d3fb740b8ce8688bc7b4adb7a4d2ac3af827da46b of mid January 2024. The sample poses as a Google Calendar application.

The malware poses as a Google Calendar application and asks the user to enable Accessibility for it. …

access android attacker blog blog post controls engineering etc goal grab january january 2024 main malicious malware analysis phoenix phone remote access remote access tool reverse reverse engineering sample screenshots spy steal tool unlock victim websocket

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Proposed Bill Focuses on Voluntary AI Security Incident Reporting 31 minutes ago | malware.news
ai security bill companies cybersecurity +21
The impact of automating open source dependency management 46 minutes ago | malware.news
article business consuming customer +12
Diffusione di malware Keylogger tramite falsa pagina di Agenzia delle Entrate – PuntoFisco 2 hours ago | malware.news
agenzia delle entrate article cert con +5
Stronger cybersecurity aimed by Menlo Security, Google Cloud collaboration 3 hours ago | malware.news
article cloud collaboration customers +13
Mounting global ransomware attacks significantly impact US 4 hours ago | malware.news
article attacks avril haines director +12
Media, think tank, service spoofing conducted in APT42 cyberespionage operations 4 hours ago | malware.news
apt42 campaigns charming kitten cyberespionage +30
Old vulnerable D-Link routers subjected to novel Goldoon botnet attacks 4 hours ago | malware.news
april article attacks botnet +13
Android apps targeted by new Dirty Stream attack 4 hours ago | malware.news
android android apps apps arbitrary code +18
Details on 2021 Chemonics hack remain scant 4 hours ago | malware.news
agency article compromised cyberattack +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Financial Crimes Compliance - Senior - Consulting - Location Open

@ EY | New York City, US, 10001-8604
View on infosec-jobs.com

Software Engineer - Cloud Security

@ Neo4j | Malmö
View on infosec-jobs.com

Security Consultant

@ LRQA | Singapore, Singapore, SG, 119963
View on infosec-jobs.com

Identity Governance Consultant

@ Allianz | Sydney, NSW, AU, 2000
View on infosec-jobs.com

Educator, Cybersecurity

@ Brain Station | Toronto
View on infosec-jobs.com

Principal Security Engineer

@ Hippocratic AI | Palo Alto
View on infosec-jobs.com
View more jobs