TikTok is back in the news. Yesterday, Trump approved a deal between TikTok and Oracle. Oracle will take a 12.5% stake in a new company called TikTok Global, while Walmart will have 7.5%. The company will be headquartered in the US.
In my previous articles, I focused on some of the logs sent by the Android version of TikTok:
Today, we will focus on a different topic: the disinformation associated with TikTok.
Since my first article, TikTok: Logs, Logs, Logs, a lot of things happened.
We are in 2020 and the US president is about to ban TikTok, a video-sharing social network mobile app, because “it poses a risk to US national security”. At the same time, Microsoft started discussions on a potential TikTok purchase in the United States. TikTok has received a lot of media coverage lately, but how much of it is factual? This is what I will try to answer in this series of articles. Each article will answer a very specific question. It is time to put the facts back on the table.
In order to fight Covid19, the Indian government released a mobile contact tracing application called Aarogya Setu. This application is available on the PlayStore and 90 million Indians already installed it.
This application is currently getting a lot of attention in India. In Noida, if people doesn’t have the app installed on their phone, a person can be imprisoned up to 6 months or fined up to Rs 1000.
On April 3, 2 days after the launch of the app, I decided to give a look to the version 1.0.1 of the application. …
On August 27, 2019, Kaspersky published an article about an Android application called CamScanner. They detected that this very popular app, more than 100 million downloads, contained a malicious dropper component.
I am often curious about the technical details in order to know the latest techniques used by bad actors. So I decided to give it a look.
In their article, Kaspersky gave the list of IOCs. I downloaded c69a2d2b0bf67265590c9be65cd4286b on Koodous
According to the article:
When the app is run, dropper decrypts and executes the malicious code contained in the mutter.zip file in the app resources.
fs0c131y@Elliots-MacBook-Pro:~/CamScanner$ apktool --no-src…
The 6th of July 2019 “LeHack”, one of the oldest French underground hackers’ event took place in The Cité des Sciences et de l’Industrie, in Paris. The morning was super cool, I had the chance to meet and chat with a lot of people. After the meal, I started to feel tired so I decided to have a coffee and that’s where this story begins.
It is well known that China spies on its fellow citizens. In this article I will tell you the story of an Android application called MFSocket, a new monitoring tool made in China. This tool allows the police to extract from the victim’s phone a lot of data such as calendar events, SMS, MMS, videos, contacts, Telegram contacts, …
On June 21, 2019 Muyi Xiao, a Chinese journalist, posted on Twitter a thread on an Android application called MFSocket. …
Few months ago, I bought a Samsung phone in order to analyse it. After few hours I found an unprotected receiver in the ContainerAgent application.
The ContainerAgent application, version 2.7.05001015, contained a broadcast receiver called SwitcherBroadcastReceiver.
On Wednesday 17th April 2019, the French Government launched a messaging application called “Tchap”. The day of the launch a lot of articles appeared:
When I saw these titles, I remembered my work on Kimbho, an Indian app which was suppose to be the new WhatsApp. Spoiler: It didn’t end well for Kimbho
It’s 9am, I decided to analyse the app, you know… just to see if I can find something. …
🇫🇷 Hacker. Fight disinformation at Predicta Lab. Not completely schizophrenic. Not related to USANetwork.