10 October 2018

Swedish digital Bank-ID "hacked" again

It was last year when I managed to "hack" Swedish digital Bank-ID,  which is the most widespread digital identification and signing/certifying method in Scandinavia and other European countries.

Platform was Android 4.x Samsung Note 4 rooted.

Titanium Backup was used for hacking.

I cooperated with the Swedish company Finansiell Bank-ID AB, the developer and maintainer of the product.

The backdoor was corrected by eliminating Android 4.x as accepted OS, demanding at least Android 5.x and using TPM.

Well, it was sufficient for almost 1 year, until now.

Test platform was Android 6.x Samsung Note 4 rooted and Android 8.x Motorola G6 Plus rooted.

Swedbank latest version Android app and Finansiell Bank-ID latest version Android app. 

Test was done today 2018-10-10, against Finansiell Bank-ID auth server.

A special modified TWRP recovery was the "tool".

Conclusion:

It seems that new security demands must be asked and following the actual trend:

- SuperSU sold to bogus "chinese" company in USA and abandoned developing

- SuperSU totally eliminated from Google Play

- Huawei no-longer giving bootloader unlocking codes

It seems that it will be a harsh race between Rooting a device and using that device for banking operations or digital authentication.



01 October 2018

AppListo App Cloner 1.5.5 activated via same backdoor in DexProtector

Again same test done with AppListo App Cloner 1.5.5.

Using same backdoor in DexProtector.

Red dot indicates New Premium options available.

Premium


Commercial use

Add-ons

Bundle app data

Custom certificate 

Headphones events

Power events

Red dot General Premium options

Red dot Launching Premium options

Remove launcher icon shortcuts

S-Pen events

Show Bring up to front notification



27 September 2018

DexProtector for Android bypassed

One of the most known anti-tampering solutions for Android developers is DexProtector.
Used by well-known Applisto App Cloner developer from Switzerland.
Until now DexProtector was unhackable, alike DexGuard.
Well...not anymore.
I tested DexProtector bypassing on latest version of Applisto App Cloner 1.5.4.
And I underline: not hacked, but ... bypassed.
Which is worse.
A backdoor in DexProtector made this possible.
I managed to activate with "custom made license"   the latest version 1.5.4 to Premium Commercial  License.
The original installed apk is intact. But a suitable license was artificially created using the backdoor in DexProtector.

Commercial use

Premium

Build props

Custom certificate

Custom package name

Disable USB events

Flush Logcat buffer on exit

Headphones events

Power events

Remove launcher icon shortcuts

S-Pen events

Stealth mode fingerprint

WebView safe browsing

Add-ons