![]() Permissions Obtained by the “Fake WhatsApp” Android Application ![]() ![]() The application obtained the following set of permissions from the mobile device:Ī_SYNC_SETTINGS ( read sync settings)Ĭom.WRITE_SETTINGS ( modify global system settings)Ĭom._SHORTCUT ( Unknown permission from android reference)Ī_CREDENTIALS ( use the authentication credentials of an account)Ī_COARSE_LOCATION ( coarse (network-based) location)Ĭom._CALL ( Unknown permission from android reference)Ī_SYNC_STATS ( read sync statistics)Ī_BOOT_COMPLETED ( automatically start at boot)Ī ( create Bluetooth connections)Ī ( take pictures and videos)Ī ( full Internet access)Ĭom.permission.READ_GSERVICES ( Unknown permission from android reference)Ĭom.permission.WRITE ( Unknown permission from android reference)Ī_FINE_LOCATION ( fine (GPS) location)Ī_SMS ( send SMS messages)Ĭom._SHORTCUT ( Unknown permission from android reference)Ĭom.RECEIVE ( Unknown permission from android reference)Ī_NETWORK_STATE ( view network status)Ī_TASKS ( retrieve running applications)Ī_SHORTCUT ( Unknown permission from android reference)Ĭom._SHORTCUT ( Unknown permission from android reference)Ĭom._SETTINGS ( Unknown permission from android reference)Ĭom.2D_MESSAGE ( C2DM permission.)Ī_EXTERNAL_STORAGE ( modify/delete SD card contents)Ī_SMS ( receive SMS)Ī_ACCOUNTS ( manage the accounts list)Ī_SYNC_SETTINGS ( write sync settings)Ī_ACCOUNTS ( act as an account authenticator)Ī_STICKY ( send sticky broadcast)Ī_SETTINGS ( modify global system settings)Ī_PHONE_STATE ( read phone state and identity)Ĭom. ( Unknown permission from android reference)Ī_CONTACTS ( write contact data)Ī ( control vibrator)Ī_PROFILE ( read the user's personal profile data)Ĭom.READ_SETTINGS ( Unknown permission from android reference)Ī_LOCK ( prevent phone from sleeping)Ī_BACKGROUND_PROCESSES ( kill background processes)Ī_WIFI_STATE ( view Wi-Fi status)Ĭom._RECEIVE ( Unknown permission from android reference)Ĭom.CHANGE_BADGE ( Unknown permission from android reference)Ī_WIFI_STATE ( change Wi-Fi status)Ī_AUDIO ( record audio)Ī_CONTACTS ( read contact data)Ī_AUDIO_SETTINGS ( change your audio settings)Ĭom._BADGE ( Unknown permission from android reference)Ĭom.permission.READ ( Unknown permission from android reference)Ī_ACCOUNTS ( discover known accounts) The application was fetched and dissected for analysis. Generally, Hack Tool is considered malicious in nature because it is designed to perform some unverified operations that could impact the security state of the target device. ![]() (Request-Line) GET /XSV-5Uz45k-qqW0OZ9uQ/Gb%20whatsapp%%20hack.apk HTTP/1.1Ĭontent-Type application/-archiveĬTag aYzo3ODE4RjFBMDRGQTkyNjFFITIxODkuMjU3Ĭontent-Disposition attachment filename*=UTF-8''Gb%20whatsapp%%20hack.apk Once the HTTP request is redirected to the LiveFileStore platform, the application is downloaded via the HTTP response header “Content-Disposition.” Strict-Transport-Security max-age=31536000 includeSubDomains P3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" (Request-Line) GET /v1.0/shares//root/content HTTP/1.1 If any file were to be uploaded by the user, it would be stored on the and eventually mapped back to the 1drv.ms link. This can be considered a content storage platform but it is not same as “1drv.ms”. The “” is actually registered by Microsoft and used to store user-supplied content. Rather, it was hosted on the LiveFileStore platform. This shows that the Android application is not hosted directly on the OneDrive storage platform. The HTTP request was redirected by OneDrive to the LiveFileStore URL via a “Location” header. Let’s see what happens when the shared link was clicked.
0 Comments
Leave a Reply. |