Research and writeup by Aazim Yaswant and Nipun Gupta With the increase of mobile device use in everyday life, it is no surprise to see cybercriminals targeting these endpoints for financial crimes. Zimperium zLabs recently discovered an aggressive mobile premium services campaign with upwards of 10 million victims globally, and […]
A new Android Trojan codenamed FlyTrap has hit at least 140 countries since March 2021 and has spread to over 10,000 victims through social media hijacking, third-party app stores, and sideloaded applications. Zimperium’s zLabs mobile threat research teams recently found several previously undetected applications using Zimperium’s z9 malware engine and […]
Over the past few weeks, reports of the newest aggressive malware family to impact Android devices have made the rounds. Flubot, the credential and banking malware family, uses SMS phishing techniques to propagate to its victims, purporting to be various vendors and delivery services. The group behind this aggressive malware […]
Two new active and aggressive Android Trojan variants have been discovered in the wild, impacting users taking advantage of two alternatives, non-Google Play app stores (“third-party” app stores). The discoveries are examples of how malware can spread through other sources outside of Google Play, and highlight the importance of sideloading […]
We are thrilled to announce Google has selected us to help ensure the safety of the millions of apps in the Google Play Store through its App Defense Alliance. As a member of the App Defense Alliance, Google will provide us access to mobile apps as they are being queued […]
Mobile devices contain or have access to the same information as traditional endpoints. While billions of dollars have been spent protecting and securing traditional endpoints, very little has been invested to protect mobile device endpoints. Attackers work on the same model as any other business: where do they get the […]
These last few days could have CIOs and CISOs very nervous. Two news stories about mobile devices pose real threats for enterprises around the world: From Forbes, “millions of shiny new Android smartphones are being purchased with dangerous malware factory-installed, according to Google’s own security research team.” Also from Forbes, […]
According to Threatpost, another new malicious Android app – dubbed “Monokle”- is gaining attention. While Monokle has some interesting capabilities (e.g., making extensive use of Android accessibility services to exfiltrate data and predictive-text dictionaries to understand a target’s interests), it is still basically another malicious app. Monokle is a highly-targeted […]
According to news reports, a new strain of Android malware has infected 25 million devices and modified legitimate apps with a malicious ads module. It’s believed the malware originated from a Chinese internet company that helps Chinese Android developers publish and promote their apps in foreign markets. The malware was […]
Researcher: Chilik Tamir (@_coreDump) Recently, Zimperium blogged about the new WhatsApp vulnerability disclosed by Facebook on May 13th. This vulnerability was reportedly exploited in the wild, and it was designated as CVE-2019-3568. A previous post by Zimperium gave some preliminary information about the vulnerability, impacted WhatsApp products, an alleged […]