android
Inside BeatBanker / BTMOB: Static Analysis of TV_V_23.apk, a Multi-Stage Android Banking Malware Platform
A static analysis of TV_V_23.apk, a multi-stage Android banking malware platform attributed with high confidence to the BeatBanker / BTMOB cluster. Distributed as a trojanized fork of the open-source LumoLight flashlight app, the sample chains a native bootstrap, a Firebase-driven orchestrator, a cryptominer-and-keepalive helper, and a full operator RAT with accessibility abuse, screen capture, and runtime-configurable banking-app targeting. Covers the full infection chain, anti-analysis design, attribution, IOCs, and defender recommendations.
Tue 28 April 2026
Android Intent Redirection: Attack Vectors and Mitigations
A deep dive into Android intent redirection vulnerabilities, showing how exported “proxy” compone...
Thu 23 April 2026
Android Requires Developer Verification Starting from 2026
For years, Android’s openness was one of its biggest strengths. Anyone could build an app, share ...
Tue 27 January 2026
Javascript Interface Exposure
Ostorlab's Pentest Engine identified a JavaScript bridge exposure in an Android WebView, allowing...
Wed 07 January 2026
Top Mobile App Security Testing Platforms 2026
Navigate the market for the Top Mobile App Security Testing Platforms 2026 by focusing on the criteria that actually matter for your delivery workflow. Our guide details exactly what to look for, including seamless CI/CD integration, powerful detection, and high-fidelity signal-to-noise ratios. Learn how to evaluate vendors on scalability, multiplatform support, and collaboration features to select a partner that secures your mobile releases without slowing you down.
Understanding Android's FLAG_SECURE for Screen Security
What Android’s FLAG_SECURE does, how it prevents screenshots and screen recordings of sensitive app content, how to implement it correctly, where it makes sense to use it, and the key limitations and UX trade-offs developers need to understand, including its behavior with casting and external displays.
Latest posts
Ostorlab AI Pentest Engine: How it Works
Technical deep dive into Ostorlab AI Pentest Engine inner working, from threat intelligence, risk identification, mobile support to vulnerability validation.
Mon 27 October 2025
Going Beyond: Ostorlab AI Engine Discovers Unknown Vulnerability Classes
Ostorlab’s reasoning-driven AI engine breaks past rule-based limits to surface previously unknown and hard-to-detect vulnerabilities—including WebView Safe Browsing bypasses, SQLi via projections, WebCrypto key exfiltration, and JWT verification ordering flaws—delivering deeper, smarter, complementary security coverage.
Mon 13 October 2025
Introducing Ostorlab Security Testing Benchmarks: Real Vulnerabilities, Real Impact
The first open-source benchmark suite featuring 93 realistic vulnerable mobile apps that mirror actual CVE and bug bounty findings - not theoretical textbook examples.
Mon 22 September 2025
AI-Powered Pentesting: A Deep Dive into Android Intent Redirection
This article showcases Ostorlab's AI Pentest Engine's process for analyzing an Android application for Intent Redirection vulnerabilities. Follow the engine's journey from static analysis and initial findings to rigorous dynamic validation, demonstrating its ability to not only identify potential threats but also to meticulously discard false positives.
Sun 31 August 2025
Know Your App's Data Habits: A Deep Dive into Our Comprehensive Privacy Analysis
Ostorlab's Privacy Scan automatically detects mismatches between what your app's privacy policy says and what it actually does. This comprehensive analysis of policy text, permissions, code, and UI elements helps mobile developers avoid compliance violations and build user trust through accurate privacy practices.
Tue 27 May 2025
Secure Mobile Biometric Authentication: Best Practices and Implementation Guidelines for Kotlin, Swift, and Flutter
In this Article, we define a secure implementation of mobile biometric authentication and provide detailed implementations in the 3 main modern mobile languages, namely Kotlin for Android, Swift for iOS, and Dart for Flutter multiplatform applications.
Tue 20 June 2023
GodFather Android Malware Analysis
In This article, we analyze the GodFather Android malware, which continues to appear in various formats and primarily targets banking and cryptocurrency applications to steal money and sensitive information for the users.
Fri 14 April 2023
Build you CI/CD pipeline for Mobile Applications with Jenkins, Github Actions and Azure Devops
This article will cover the main challenges when implementing a CI/CD pipeline for mobile applications. We will also provide examples of how you can implement a CI/CD pipeline for Android and iOS applications in the most used Mobile CI/CD tools.
Thu 27 October 2022