Research

Research

Research, publications or commentary written by or in collaboration with Ovi.
12 posts
Research

Server-side Device Validation Protocols in High-Security Android Applications - Cashapp, Revolut, Banking, Healthcare, Government etc.

Ovi
Ovi
In my previous two posts about Android emulator bypassing (Android Network Emulator Bypassing for high security apps - Cashapp, Revolut, Banking, Healthcare, Government etc. & Advanced Android Emulator Bypass Techniques…
Research
members

UCID902: Uncovering nation state watering hole credential harvesting campaigns targeting human rights activists by APT threat group UCID902 (2023)

Ovi
Ovi
This is a repost of some critical research I performed back in 2023 that was originally hosted on Interlab's website. Since Interlab has been abandoned by it'…
Research
members

Security and privacy analysis: MDM applications (국방모바일보안) for South Korean Military personnel (2023)

Ovi
Ovi
This is a repost of some critical research I performed back in 2023 that was originally hosted on Interlab's website. Since Interlab has been abandoned by it'…
Research
members

RambleOn Android Spyware (December 2022)

Ovi
Ovi
This is a repost of some critical research I performed back in 2022 that was originally hosted on Interlab's website. Since Interlab has been abandoned by it'…
Research
members

Account Takeover via browsable intent filter in Android app

Ovi
Ovi
Mobile app security is an interesting field; since app sandbox restrictions are very good, finding security issues can be extremely hard. Once you start delving into applications more and more,…
instructSOCIETY | Visual programming of malware tutorial & project files // part 2
Journal

instructSOCIETY | Visual programming of malware tutorial & project files // part 2

Ovi
Ovi
RE:archive | APT37's ROKRAT HWP Object Linking and Embedding
REarchive
members

RE:archive | APT37's ROKRAT HWP Object Linking and Embedding

Ovi
Ovi
Research
members

RE:privacy | Glow Fertility women's health app - IDOR vulnerability leads to 25 million userbase dataleak

Ovi
Ovi
Summary As part of the RE:privacy project, I am reverse engineering and hacking reproductive health apps to interrogate the security and privacy of these products. You can find out…
The evolution of North Korean Android spyware: ROKRAT & RambleOn
Research
members

The evolution of North Korean Android spyware: ROKRAT & RambleOn

Ovi
Ovi
RE:archive | Reverse engineering APT37’s GOLDBACKDOOR dropper
Research
members

RE:archive | Reverse engineering APT37’s GOLDBACKDOOR dropper

Ovi
Ovi