Jonathan Scott, an American Phone & Cloud Hacker, has shared his exploit on GitHub
Image source – pixbay.com
Jonathan Scott @jonathandata1 has been working on this exploit for the past few years and revealed this exploit yesterday on his official Twitter account.
Image source – twitter.com
A detailed setup and Discussion have been done at his GitHub Repository, where he established the official Setup for this PoC.
He eventually reduced this technique to only two AT Commands. These AT Commands can be combined into a single string.
This vulnerability may be run on an un-configured Samsung Galaxy device, exposing it to APK injection, binary injection, and RAT injection without the user's knowledge.
Image source – github.com
He states that he is the owner of Zroblack, LLC, a security engineering firm that marketed Zero-Day exploits that are now in use worldwide. John Edward Saenz, his cousin-in-law whom he hadn't seen since he was 11 years old, had stolen all of his exploits.
His company was also robbed of $750,000. He was pressured to sign a release, or John Edward Saenz threatened to "muck up his life." The Texas Western District Court upholds this duress-signed release, allowing John Edward Saenz to take and use the technology that he, Jonathan, produced in any way he sees fit.
Jonathan Scott is one of the top hackers in the United States regarding hacking ethics and the worldwide scenario. He has been quite honest and transparent about everything that has been going on.
Jonathan’s profile on HackerOne is empty today, but it was not always so. We can see this from the screenshot of another HackerOne bounty hunter @sickcodes.
Image source – twitter.com
Leave a comment