ELEGANTBOUNCER: Mobile Exploit Detection Without Samples
2025-08-28
ELEGANTBOUNCER is a novel mobile security tool that detects malware by analyzing file structure instead of matching signatures. Without access to actual malicious samples, it detects known exploits such as FORCEDENTRY, BLASTPASS, and TRIANGULATION, which leverage vulnerabilities in the JBIG2, WebP, TrueType, and DNG formats. The tool features parallel processing and a terminal UI, and can analyze iOS backups to detect threats hidden in messaging app attachments. It represents a paradigm shift in mobile threat detection: effective detection that relies not on a vault of secret samples but on understanding the fundamental mechanics of exploitation.