Zimperium Blog

Your Apps Are Leaking: The Hidden Data Risks on Your Phone, Part 2

Mobile Security
5 minutes
Apr 30, 2025
In our previous article, we explored how cloud misconfigurations and poor cryptographic practices in mobile apps can expose enterprise data. However, the risks don't stop there. Our research has uncovered equally concerning issues with how mobile apps handle data locally on devices and transmit information to remote servers.
Read Full Post

From Lock Screen to Wallets: BTMOB RAT Now Targets Alipay PINs

Threat Research
6 minutes
Apr 23, 2025
On February 12, Cyble reported the discovery of a new variant of the BTMOB spyware, named BTMOB RAT v2.5. This malicious software is being distributed through deceptive phishing sites impersonating popular streaming services like iNat TV and fraudulent cryptocurrency mining platforms.
Read Full Post

Rapid Response: Zimperium Detects SuperCardX NFC Relay Fraud Operation

MTD
1 minutes
Apr 22, 2025
A recent report by Cleafy uncovered SuperCardX, a sophisticated Malware-as-a-Service (MaaS) operation used for conducting NFC relay fraud.
Read Full Post

Your Apps are Leaking: The Hidden Data Risks on your Phone, Part 1

MTD
5 minutes
Apr 16, 2025
Following ThreatFabric’s publication on Crocodilus, a sophisticated Android banking trojan, our zLabs team conducted a deeper investigation into its broader ecosystem.
Read Full Post

Pragmatic Crocodilus: A New Variant In the Horizon

Threat Research
3 minutes
Apr 14, 2025
Following ThreatFabric’s publication on Crocodilus, a sophisticated Android banking trojan, our zLabs team conducted a deeper investigation into its broader ecosystem.
Read Full Post

The Power of App Vetting: The First Line of Defense Against Enterprise Intruders

Zimperium
6 minutes
Apr 09, 2025
Third-party applications deployed within an enterprise environment can inadvertently act as gateways for attackers if not properly vetted before implementation. These applications, while essential to enterprise operations, pose unique security challenges when their vulnerabilities are overlooked or security assessments are neglected during the procurement and deployment process.
Read Full Post

Zimperium’s Zero-Day Detection of Android Malware Using .NET MAUI Framework

Mobile Security
1 minutes
Mar 28, 2025
A recent report by McAfee disclosed a new Android malware campaign leveraging the .NET MAUI cross-platform framework to evade detection.
Read Full Post

Catch Me If You Can: Rooting Tools vs The Mobile Security Industry

Mobile Security
14 minutes
Mar 14, 2025
Our zLabs team dives into why rooting and jailbreaking is a significant threat for enterprises and much more.
Read Full Post