https://b1872f9d.camati-site.pages.dev/tags/android/ Recent content in android on Hugo -- gohugo.io en-us Sat, 28 Mar 2026 15:12:59 -0300 https://b1872f9d.camati-site.pages.dev/posts/case-study-07/ Sat, 28 Mar 2026 15:12:59 -0300 https://b1872f9d.camati-site.pages.dev/posts/case-study-07/ Introduction In this blog post I will show how I solved the Sherlocks Hijacked challenge in HTB about DFIR1 and mobile malware (android). The description of the challenge is the following: A S1rBank client reported unauthorized transactions. The victim received an SMS urging a banking app update via a link, which installed a dormant app mimicking the bank’s official version. Once activated, it stole credentials, bypassed 2FA via SMS interception, and exfiltrated data.