Currently browsing: Mobile Malware

Pegasus Spyware Found on U.S. State Department iPhones

On December 3rd, Christopher Bing and Joseph Menn at Reuters disclosed that iPhones of numerous U.S. State Department employees were hacked by an unknown assailant using Pegasus spyware developed by the Israel-based NSO Group. While it may be easy to dismiss this as a geopolitical or nation-state incident, it would […]

Read more

Sideloaded Applications: The Risk of Fewer Restrictions

Would you trust an application on your device from a third-party app store? Would you trust that same app store on the endpoints connected to your corporate infrastructure? The premise of a third-party app store is relatively innocent on the surface, with hundreds of repositories set up to enable mobile […]

Read more

Flubot vs. Zimperium

Over the past few weeks, reports of the newest aggressive malware family to impact Android devices have made the rounds. Flubot, the credential and banking malware family, uses SMS phishing techniques to propagate to its victims, purporting to be various vendors and delivery services. The group behind this aggressive malware […]

Read more

Android Trojans Infect APKPure and Huawei App Stores

Two new active and aggressive Android Trojan variants have been discovered in the wild, impacting users taking advantage of two alternatives, non-Google Play app stores (“third-party” app stores). The discoveries are examples of how malware can spread through other sources outside of Google Play, and highlight the importance of sideloading […]

Read more

New Advanced Android Malware Posing as “System Update”

Another week, and another major mobile security risk. A few weeks ago, Zimperium zLabs researchers disclosed unsecured cloud configurations exposing information in thousands of legitimate iOS and Android apps (you can read more about it in our blog). This week, zLabs is warning Android users about a sophisticated new malicious […]

Read more

Threat Advisory: BlackRock Mobile Malware

What is it? BlackRock – an advanced Android malware derived from Xeres malware – evades detection and steals login credentials or credit card data from 337 different mobile banking, shopping, lifestyle, and video apps. BlackRock was disclosed in July 2020 by ThreatFabric. The Zimperium z9 engine had begun detecting early […]

Read more