Since my first article, TikTok: Logs, Logs, Logs, a lot of things happened.

• Microsoft confirmed it was pursuing a deal to buy TikTok’s operations in the US, Australia, Canada, and New Zealand.
• Trump was supposed to ban TikTok on August 2nd, then he threatened that TikTok will ‘close down’ on September 15th unless an American company buys it. Finally, he signed an executive order banning TikTok and WeChat from operating in 45 days if they are not sold by their Chinese parent companies.
• Trump then changed his mind and gave TikTok a new deadline: 90 days instead of 45.
• WSJ…

We are in 2020 and the US president is about to ban TikTok, a video-sharing social network mobile app, because “it poses a risk to US national security”. At the same time, Microsoft started discussions on a potential TikTok purchase in the United States. TikTok has received a lot of media coverage lately, but how much of it is factual? This is what I will try to answer in this series of articles. Each article will answer a very specific question. It is time to put the facts back on the table.

Disclaimer

• TikTok offers plethora of features to their users…

Few days ago, I received this private message on Twitter.

In order to fight Covid19, the Indian government released a mobile contact tracing application called Aarogya Setu. This application is available on the PlayStore and 90 million Indians already installed it.

This application is currently getting a lot of attention in India. In Noida, if people doesn’t have the app installed on their phone, a person can be imprisoned up to 6 months or fined up to Rs 1000.

Access to app internal files

On April 3, 2 days after the launch of the app, I decided to give a look to the version 1.0.1 of the application. …

On August 27, 2019, Kaspersky published an article about an Android application called CamScanner. They detected that this very popular app, more than 100 million downloads, contained a malicious dropper component.

I am often curious about the technical details in order to know the latest techniques used by bad actors. So I decided to give it a look.

In their article, Kaspersky gave the list of IOCs. I downloaded c69a2d2b0bf67265590c9be65cd4286b on Koodous

According to the article:

When the app is run, dropper decrypts and executes the malicious code contained in the mutter.zip file in the app resources.

fs0c131y@Elliots-MacBook-Pro:~/CamScanner$ apktool --no-src…

The 6th of July 2019 “LeHack”, one of the oldest French underground hackers’ event took place in The Cité des Sciences et de l’Industrie, in Paris. The morning was super cool, I had the chance to meet and chat with a lot of people. After the meal, I started to feel tired so I decided to have a coffee and that’s where this story begins.

Introduction

It is well known that China spies on its fellow citizens. In this article I will tell you the story of an Android application called MFSocket, a new monitoring tool made in China. This tool allows the police to extract from the victim’s phone a lot of data such as calendar events, SMS, MMS, videos, contacts, Telegram contacts, …

The Story

On June 21, 2019 Muyi Xiao, a Chinese journalist, posted on Twitter a thread on an Android application called MFSocket. …

Few months ago, I bought a Samsung phone in order to analyse it. After few hours I found an unprotected receiver in the ContainerAgent application.

Analyse

The ContainerAgent application, version 2.7.05001015, contained a broadcast receiver called SwitcherBroadcastReceiver.