Android

Clipboard Data

• First clipper malware discovered on Google Play
• SHEIN app clipboard unintended exposure
• Samsung devices storing clipboard content in plaintext on the devices

Application Tampering/Patching

• Agent Smith

Device Rooting

• WyrmSpy and DragonEgg
• Camero - CVE-2019-2215
• AbstractEmu

Hooking

• Predator - hooking using YAHFA framework
• Whatsapp hooked using LSPatch, to steal cryptocurrency
• Your Mobile App, Their Playground: The Dark side of the Virtualization

MITM

• Predator in The Wires
• Predator
• Facebook Onavo Project

Webviews

• Vulnerability in TikTok

Screen Recording

• Malware performing screen recording

ScreenShots

• Malware performing OCR on the screenshots The app is available on the Play store. 

NFC

• NFC data capture when physical card is placed near infected device
• PhantomCard - NFC-relay based attacks

App Virtualisation

• Your Mobile App, Their Playground: The Dark side of the Virtualization (Godfather Malware)
• FjordPhantom Android Malware Targets Banks With Virtualization

Others

• Race conditions on Android Custom Permissions (2014)
• Reverse shell without visible permissions
• Root takeover via signature spoofing in tiann/kernelsu

---

iOS

• Pushing malware via TestFlight and Web Clips
• Tricking App Store Review Into Approving Malicious Apps

Jailbreaking

• LightSpy - Using SafariRCE and performing Jailbreaking

App Cloning

• https://arstechnica.com/security/2024/02/a-password-manager-lastpass-calls-fraudulent-booted-from-app-store/

ScreenShots

• Malware performing OCR on the screenshots

Others

• Stealing biometric Data - Trojan, which pretends to be a govt or banking app, steals biometric data. Then uses AI to augment the data and use it as biometric data on real websites
• Access sandbox/RootFS data without Jailbreak

---

In News

• Australian digital driving licenses can be defaced in minutes
• Singapore's banks to ditch texted one-time passwords