X-Spy Apk Build Project
Application will be constantly updated and shared.
Github: {Mod edit}
BETA application In New Version
Trojan APK in
scenerio
APK name
Text Label
Background Colors
Icon Hiding and hiding
and many more features may come
Android X-Spy Apk Build
No data is requested by the developer, it is not stored and stored . the
user is completely responsible for the use of the application. it
cannot be used for personal information theft. This project is for testing and training purposes and the responsibility statement will be considered by the user.
signature By {Mod edit}
What is X-Spy Apk Build Mobile Application? X-Spy Build application can be considered as a Mobile Version of
a program called RAT/Trogen, which can be controlled with a computer and can create APK files . It provides an easier and more stable Trojan APK file preparation environment than the problems such as PORT and Server of RAT programs running in the computer environment. We will be able to create the Tojen.APK file, which is created by the computer program RAT applications in the computer environment, through the X-Spy Build application. We will test and see that the topics and APK applications I have mentioned below can work actively and stably.
Our TEST.APK file is a trojan, I strongly advise you to try and test it yourself. TEST.APK file will send us Phonebook name number, Call log date, minute number and a few more information from our phone.
Once the TEST.APK file we have created is installed and running on your phone, it will transfer all the information we request to us.
⇒ The database we will create with Firebase can only be created by creating the application and the KEY KEY and Firebase/Realtime Database link, that is, no one except the database owner can see it. Remember that you have to fill in the requested information correctly and create it.
If you are not familiar with Firebase, please refer to the previous versions of the X-Spy Spy application and read the links I have mentioned and added below.
------------------------
Caution WARNING
X-Spy Apk Build Android Application Is A Limited Application Covering Every User.
From the moment the X-Spy Apk Build App is downloaded to your phone, you will only be allowed to (1) create a trojan APK file.
Application Codes are written in a way that does not allow users to have unlimited access.
What does this mean (?) Since the
X-Spy Apk Build application is coded for Test and Education purposes, the person/persons who want to use the application will only be able to (1) Test or review once.
The created ( TEST.APK ) file will be created only (1) once and you will be able to use your created TEST.APK file as many times as you want.
However, the use of X-Spy Apk Build "com.xspy.build" package named application is limited to creating "1" test.apk. It is important that you fill in the Key Key and Firebase link boxes,
taking into account the current WARNING. X-Spy Apk Build application will not allow its user to create "2" applications for the second time as a result of incorrect information or incorrect database creation. Actually, I can give :=) ------------------------ Trying to make the X-Spy Build application unlimited will only tire you. Trying to MOD or Unlock with apps like Lucky Patcher will give negative results.
You should not forget that I am sharing the application for a test and to get HELP from you to develop it.
The application is currently shared as TEST and a BETA version will be shared in the future. You can write to me via Telegram
for your suggestions and thoughts (Forum Members under the Topic) Non-Forum Users (Guest). Analysis and Information of X-Spy Build Apk File Application Working and Build Environment APK INFO Developer App :By ZehirX Android:versionCode :"1" Android:versionName :"1.0" Android:compileSdkVersion :"30" Android:SdkVersionCodename :"11" Package :name :"com.xspy.build" PlatformBuildVersionCode :"30"
Android:uses-library : org.apache.http.legacy
android:minSdkVersion :"19"
android:targetSdkVersion :"30"
Android:versionMinimal :"KitKat (4.4 – 4.4.4)"
Published on: {Mod edit}
Test process follow :Xiaomi Redmi Note 8
Developer Engine :Native(Java) C/C++ libraries
((( Permissions (com.xspy.build) AndroidManifest.xml )))
<uses-permission android:name="android. permission.INTERNET"/>
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/>
<uses-permission android:name="android .permission.READ_EXTERNAL_STORAGE"/>
<uses-permission android:name="android.permission.READ_PHONE_STATE"/> The
application's development environment: Native(Java) C/C++ libraries and Json Programming Language
I would like to specify the analyzes as 64Bit Qualcomm arm64-v8a and armeabi-v7a during the testing process. We had a stable testing process.
Developer Developer By {Mod edit}
has the authority to send Notices to all users of the application through the application for general information purposes.
Ending the use of
the application Sending notifications about new versions of the
application Sending notifications for maintenance and repair of the application
Android X-Spy Apk Build
X-Spy Apk Build Application usage detail. X-Spy Build applicationShared on the forum site {Mod edit}
Android applications, which are available to Turkhackteam/Forum members whose links are shared above, will now be actively used independently (from me).
Android AntiLog Spy Spy Apk
Android Logger Spy Apk
Android Sms Spy Apk
Android X-Spy Spy Apk
You will be able to use the application names and topic links (Android Spy & Spy) applications with their repetitive and updated versions.
Android X-Spy Apk Build
X-Spy Apk Build application usage details
1.Details You must read or master all the subjects whose names and subject links are shared above, otherwise you cannot use the X-Spy Build application.
Before downloading the X-Spy Build application to your phone, you should go to the ( Firebase ) site and create a "Realtime Database". Friends who do not know the Firebase/Realtime Database application can read the topic links I shared above.
An existing one Sign in - Once we have Google Accounts "Realtime Database" we can download the app.
When we install the X-Spy Build application on our phone, it will be ready for active use.
Step 1. We can create a "Spy Apk" file with the X-Spy Build application. [build]
Key Key / We will create a Key [ Empty ] cannot be left.
Key Key (Minimum) must be 6 letters, numbers and characters
Firebase Link / Here we add the link that we created "Firebase/Realtime Database".
Tap on Create apk.
We choose our 2nd Stage [ Build ] Apk file
. We download our Spy Spy.apk file that X-Spy Build application created for us.
We can test our downloaded Spy apk file ourselves or try it on another phone.
Let's test our Spy.apk file that I created with the TEST X-Spy Apk Build application. Let
's go back to step 1. To create the Apk, we write our
token that we specified in the Key Key box that we specified in the first stage, into the
input box of the Apk file we created for TEST and touch the button. That short work is enough for us.
"Key Key" Reason explanation
The " Firebase link ( Realtime Database ) " that we wrote above to create the Apk file is the
( TAG ) Key we created to access the Login - Google Accounts link
.
This application has been shared for testing and educational purposes. It is strictly forbidden to share it in another forum or virtual environment. ©
It is a legal crime to misuse the application or to try to access/attempt to access the information of another person without their consent, to do harm.
disclaimer
X-Spy Apk Build com.xspy.build packet does not store or store users data
All users accept the Disclaimer by the developer of the application in question and confirm to your knowledge.
The developer is not obliged and responsible for controlling or investigating the content created by users or their illegal activities.
With the X-Spy build application (I am not responsible for the material or moral damages that may occur from the crimes in the Turkish Penal Code No. 5237 and dated 26/9/2004 of the Law No. 5651, the person or persons who want to use the application accept and declare the responsibility of the X-Spy Application.)
Firebase Visual Expression
Login to Firebase with our gmail account
Picture 1 Picture 2 Picture 3 X-Spy Apk Build Picture 1
{Mod edit}
Picture 2
{Mod edit}
Picture 3
{Mod edit}
X-Spy Apk Build
Picture 1
{Mod edit}
Picture 2
{Mod edit}
Picture 3
{Mod edit}
Picture 4
{Mod edit}
Picture 5
{Mod edit}
Picture 6
{Mod edit}
Picture 7
{Mod edit}
The Reference Code of the downloaded Trojan APK file is written by you.
Key Key Must Be Typed. Otherwise, your project will not transfer data.
{Mod edit}
Video Lecture
{Mod edit}
Creating a Firebase Realtime Database
{
"rules": {
".read": changing false, false to true video shown
".write": false
}
{Mod edit}
I apologize in advance for the spelling and expression mistakes, I'm excited, you know, we don't share projects like this every day.
apk download
{Mod edit}
Virus Total
https://www.virustotal.com/gui/file...b555d09a9ccec08c81f8e6c345919f26c82?nocache=1
I'm sorry if I put this topic in the wrong place.
4. Use the English language.
We understand that with all the different nationalities, not everyone speaks English well, but please try. If you're really unable to post in English, use an online translator. You're free to include your original message in your own language, below the English translation. (This rule covers your posts, profile entries and signature). You could try :- https://translate.google.com/ or https://www.babelfish.com/ or use one of your choice.
📚 XDA Developers Forum Rules 📚
XDA-Developers FORUM RULES List of Forum Moderators, click HERE Delete Your XDA Account HERE 1. Search before posting. Use one of our search functions before posting or creating a new thread. Whether you have a question or just something new...
forum.xda-developers.com
Joseph said:
4. İngilizce dilini kullanın.
Tüm farklı milletlerden herkesin iyi İngilizce konuşmadığını anlıyoruz, ancak lütfen deneyin. Gerçekten İngilizce yayın yapamıyorsanız, çevrimiçi bir çevirmen kullanın. Orijinal mesajınızı İngilizce çevirisinin altına kendi dilinizde eklemekte özgürsünüz. (Bu kural gönderilerinizi, profil girişlerinizi ve imzanızı kapsar). Şunları deneyebilirsin: - https://translate.google.com/ veya https://www.babelfish.com/ ya da istediğin birini kullan.
📚 XDA Developers Forum Rules 📚
XDA-Developers FORUM RULES List of Forum Moderators, click HERE Delete Your XDA Account HERE 1. Search before posting. Use one of our search functions before posting or creating a new thread. Whether you have a question or just something new...
forum.xda-developers.com
Click to expand...
Click to collapse
I used google translate. is it ok?
@Byzehirx Thread closed due to violations of XDA Forum Rules! Please refrain from posting such things in future again and please remove the webside link from your profile within the next 48 hours! Thanks for your cooperation.
9. Don't get us into trouble.
Don't post copyrighted materials or do other things which will obviously lead to legal trouble. If you wouldn't do it on your own homepage, you probably shouldn't do it here either. This does not mean that we agree with everything that the software piracy lobby try to impose on us. It simply means that you cannot break any laws here, since we'll end up dealing with the legal hassle caused by you. Please use common sense: respect the forum, its users and those that write great code.
Click to expand...
Click to collapse
16. Apps that collect identifying details
We don't routinely remove Apps that collect identifying numbers or other personal and device identifiers.
However, should an App, developed by you, be identified as one that maliciously performs this activity (e.g. by not disclosing it to the user), it will be removed from the site and possible sanctions applied;
If the destination of this information is known, it must be made known in the disclosure (examples of this would be you having coded your App to collect IMEI for authentication of the device using it)
If the destination of this information is unknown (as is the case for ad. engines, which collect it for marketing purposes), then please state which ad. provider you are using, in the disclaimer
Click to expand...
Click to collapse
Regards
Oswald Boelcke
Senior Moderator
Related
There are indications that application http://forum.xda-developers.com/showthread.php?t=2108053 violates the MS-RSL license ( http://referencesource.microsoft.com/referencesourcelicensing.aspx ),
because disassembly shows that many of the variable and method names are identical to the names used in SDR# source http://sdrsharp.com/index.php/downloads .
Further analysis will show more details.
I'll kindly recommend moderators to suspend all the download links to this application, until the issue is resolved.
Dear All,
We are conducting a study on users’ adoption to the new Android Runtime Permission Model.
The study has been approved by the UCL Research Ethics Committee (Project ID Number): 8945/001.
We need your help on this project. Please participate to our survey and distribute it to people you know.
The participants just have to download an Android app (we developed) on their devices from the Google Play Store and answer 6 multiple-choice questions.
It won’t take more than a couple of minutes for the participant to download, install and use the app.
The app can be found at the Google Play Store; look for the “Permissions Snapshot” app (developer: Panagiotis Andriotis).
Mod edit: link info removed.
Please read the information displayed on the app’s page at the Google Play store if you have any further questions.
We request to keep this app on your device for a period of one month after you complete the questionnaire.
You will be given the chance to participate again in due course.
Information given is ANONYMOUS!!!
REQUIREMENTS: As a user,
· You must have a device running the Android Marshmallow Operating System (version 6.0+).
· Your device must be connected to the Internet.
· You are happy to provide us anonymous information related to app permissions on your device.
· You are over 18 years old.
Thank you in advance for your cooperation and help.
Kind Regards,
Dr Panagiotis Andriotis
Thread closed. XDA isn't the place to conduct/promote your market research.
I received a notification from Google Play telling me that my app has been removed because of some violation regarding the collection of Advertising IDs.
My app, however, only fetches some publicly available data from the Internet and uses firebase to deliver push notifications to devices which install the app and subscribe to specific FCM topics.
My question is: how could I be leaking Advertising IDs? Are those IDs sent in the HTTP requests made by the app? (e.g. in the headers?) Or maybe it's because of the FCM subscriptions?
The full text of the email I received follows.
Hi developers at REDACTED,
After review, REDACTED, has been removed from Google Play due to a policy violation. This app won’t be available to users until you submit a compliant update.
Issue: Violation of Usage of Android Advertising ID policy and section 4.8 of the Developer Distribution Agreement
Google Play requires developers to provide a valid privacy policy when the app requests or handles sensitive user or device information. We’ve identified that your app collects and transmits the Android advertising identifier, which is subject to a privacy policy requirement. If your app collects the Android advertising ID, you must provide a valid privacy policy in both the designated field in the Play Console, and from within the app.
Next steps: Submit your app for another review
Read through the Usage of Android Advertising ID and User Data policies, as well as the Developer Distribution Agreement, and make appropriate changes to your app. If you decide to collect sensitive user information, be sure to abide by the above policies, and include a link to a valid privacy policy on your app's store listing page and within your app.
Make sure that your app is compliant with all other Developer Program Policies. Additional enforcement could occur if there are further policy violations.
Sign in to your Play Console and submit the update to your app. Alternatively, you may opt-out of this requirement by removing any requests for sensitive permissions or user data.
Alternatively, you may opt-out of this requirement by removing any requests for sensitive permissions or user data.
If approved, your app will again be available with all installs, ratings, and reviews intact.
If you’ve reviewed the policy and feel this removal may have been in error, please reach out to our policy support team. One of my colleagues will get back to you within 2 business days.
Thanks for helping us provide a clear and transparent experience for Google Play users.
Regards,
The Google Play Team
Click to expand...
Click to collapse
I discovered a massive mobile advertising fraud campaign that pushes fake virus warnings that trick novice Android users into installing questionable apps.
The advertiser uses JavaScript hosted on Amazon's CloudFront that uses various techniques to fingerprint the users web browser and if and Android device is discovered a fake media player or fake Captcha will pop up on the users mobile device to try and trick the user into accepting push notifications.
Once the push notifications are pushed to the mobile web browser the phone will start to vibrate and beep or in some cases play loud sirens or even spoken words along with fake virus warnings claiming the device is infected with multiple non-existent viruses that lead the user to the Google Play store to install questionable apps.
Many of the infected websites are geared towards a younger audience such as popular games and anime but also pirated software and movies and porn sites are also infected with this advertisers script.
The advertiser boasts that they are able to bypass adblockers and one of the infected websites "wallpaperaccess(.)com" has also been seen to download a malicious Android app disquised as an AdBlock app.
MD5 sum of AdBlock.apk 6f1fd359a382348b3307ed9d64eeebaa
The advertiser behind the browser fingerprinting script hosted on CloudFront is "AdMaven" out of Tel Aviv.
Near the bottom of the script and hidden using Base64 encoding using a custom alphabet hides the domain names of the websites that do the push notifications from anther company out of Tel Aviv called "moviesupdates(.)com"
In some of the AdMaven scripts I've examined is the name of another advertiser out of Tel Aviv called "Taboola" and their name is also obfuscated in the script using Base64 and the custom alphabet: abcdwxyzstuvrqponmijklefghABCDWXYZSTUVMNOPQRIJKLEFGH9876543210+/
Almost all the domains are registred to DynaDot and NameCheap.
*Edited to add that NameCheap has turned over a new leaf and is now actively removing reported content.
Here is just a very small sample of the hundreds of infected websites:
deportivo-la-coruna(.)com/page(.)php
mr2(.)com
acampante(.)com
10lance(.)com
russisk(.)org
www(.)e-jurnal(.)com
formodessa(.)com
hdwallsbox(.)com
brightways(.)org
tvshows4mobile(.)com
freehottip(.)com
www.dlmania(.)com
hdmp4mania1(.)net
streamcr7(.)com
123moviesfun(.)is
downace(.)com
watchmoviestream(.)me
customsdutyfree(.)com
allsp(.)ch
www(.)rarbgtorrent(.)com
cmacapps(.)com
speed-new(.)com
blogqpot(.)com
www(.)themetalup(.)com
cutewallpaper(.)org
o2tvseries(.)com
music(.)com(.)bd
manillenials(.)com
luchoedu(.)org
bosscast(.)net
kingdesi(.)com
www.legendofkorra(.)tv
deseneledublate(.)com
repack-games(.)com
amongushacks(.)com
wallpaperaccess(.)com
www.macappstores(.)com
softnspot.blogspot(.)com
btorrent(.)xyz
www(.)frkmusicx(.)com
www.()books-share(.)com
dbanimes(.)com
downloadpc-software.blogspot(.)com
apunkagameslinks.blogspot(.)com
naijatunez(.)com
freegogpcgames(.)com
venenosas(.)com(.)br
www.tumbral(.)com
www.twugi(.)com
gamemox(.)com
egyupgamer.blogspot(.)com
I have emailed AdMaven and Celebsupdates/Moviesupdates and several of the infected websites regarding this fraud but did not get any response.
I'm hoping a reputable security company or ad fraud company will expose this fraud further.
**UPDATE**
It appears the researchers at Bitdefender Labs are tracking the fake adBlock app as "Teabot and Flubot" but they seem unsure as to how the fake adblock app is being propagated.
I have tried to email Bitdefender to give them additional info regarding the malware and how its being spread through malvertising on the sites I listed above but Bitdefender's contact site is complete rubbish.
Bitdefender's article on the malware:
Bitdefender Labs
Daily source of cyber-threat information. Established 2001.
labs.bitdefender.com
Attached is a screenshot showing the malicious AdBlock.apk being advertised by the AdMaven script hosted on CloudFront:
One of the Android applications that people are frightened into downloading by the fake virus warnings is Psafe's DFNDR Antivirus/Cleaner.
Users have been tricked into installing DFNDR through fake virus warnings since 2013.
The developers claim that they do not condone these fraudulent ads and go so far as to ask users to send in screenshots of the fake virus warnings and the URL.
But this is just a ruse. It would be impossible to report on a single URL and the sites that push the fake virus warnings are created automatically.
The only way to truley stop the fake virus warnings is to go to the source of the fraudulent ads which is the AdMaven scripts hosted on Amazon's Cloudfront.
I have shared all this information with the representatives at Psafe about the fraudulent ads and how to stop it.
Psafe even requested I hold off on reporting of the fraud for 30 days which I granted but as you can see from these screenshots Android users are still being sent to the DFNDR app on the Google Play store through these scare tactics.
I have contacted Amazon to report the fraudulent ads and the drive-by downloads of the Android malware but they refuse to do anything about it.
Check the Play Store user reviews for yourself:
hxxps://play.google.com/store/apps/details?id=com.psafe.msuite&hl=en_US&gl=US
Security researcher Lukas Stefanko from ESET is now also tracking this mobile ad fraud and malicious AdBlock app.
Some URL shortener services distribute Android malware, including banking or SMS trojans | WeLiveSecurity
On iOS we have seen link shortener services pushing spam calendar files to victims’ devices.
www.welivesecurity.com
The link shortners being used in recent scareware campaigns are on Adf.ly
It is unfortunate that the true sources of all these fake virus warnings and mobile malware and calendar spam are not being revealed in this latest report.
No mention of the CloudFront scripts or the latest script that is pushing these scareware ads and malware:
hxxps://iclickcdn(.)com/tag.min.js which is being hosted on CloudFlare servers.
While searching for websites infected with the iclickcdn script I discovered that a federal government website frequented by members of congress had also been infected.
I notified the hostmaster and several other agencies and the script was purged from the site.
A link to URL scan that shows the heavily obfuscated iclickcdn JavaScript:
https://urlscan.io/responses/04a1722238c2eb4055efcf3123981dc1cfa9a48e49be8154e4f9d6d66a1e51a6/
sloshnmosh said:
The link shortners being used in recent scareware campaigns are on Adf.ly
Click to expand...
Click to collapse
Thanks for the interesting information.
I'd just like to inform you that Adf.ly is not welcomed and accepted already for years on this forum, and as soon as we recognise or get notified about such a link it gets removed immediately.
Remark: I've deleted the 5 duplicates of your post that suddenly popped up.
Regards
Oswald Boelcke
Oswald Boelcke said:
Thanks for the interesting information.
I'd just like to inform you that Adf.ly is not welcomed and accepted already for years on this forum, and as soon as we recognise or get notified about such a link it gets removed immediately.
Remark: I've deleted the 5 duplicates of your post that suddenly popped up.
Regards
Oswald Boelcke
Click to expand...
Click to collapse
Okay, thanks so much! I should have put cursors around the DOT of adfly so it wasn't a link.
Also, thank you so much for removing the duplicates, I was receiving errors so I was panicked when I saw I made multiple duplicate posts.
{Mod Edit} Latest Version will bring many improvements and new features. Some of them can be seen below:
• New Video Downloader - New update will allow you to download videos from WhatsApp platform. You can use this feature if you want to save watched videos on WhatsApp for later use.
• Delete messages after being read - People always want to make sure that messages are delivered to and read by the person on the other end of the line.
• Allows you to use WhatsApp easier with more privacy options.
• You can hide your online status
• You can also customize your own theme or choose between more than 1000 amazing themes in various colors
• Updated with more interface options
• New and unique app icon
• Support to send PDF , JPG , PNG ,WAV, MP3, OGG . file formats
@WallaceWest
Thread closed! Due to a DMCA of Whatsapp, Whatsapp mods are not accepted on XDA:
Notices/ipla-2013-07-22.md at master · xda/Notices
Legal notices (including DMCA Takedown notices, other legal takedown letters) sent to XDA Developers - Notices/ipla-2013-07-22.md at master · xda/Notices
github.com
XDA Forum Rules (excerpt):
9. Don't get us into trouble.
Don't post copyrighted materials or do other things which will obviously lead to legal trouble. If you wouldn't do it on your own homepage, you probably shouldn't do it here either. This does not mean that we agree with everything that the software piracy lobby try to impose on us. It simply means that you cannot break any laws here, since we'll end up dealing with the legal hassle caused by you. Please use common sense: respect the forum, its users and those that write great code.
Click to expand...
Click to collapse
Regards
Oswald Boelcke
Senior Moderator