Android

February 12, 2025

So You Think That Popular App is Safe? Think Again!

Our security research team looked at the top 50 apps from iOS App store and Android Play Store and identified one app from each category that exhibited a high security or privacy vulnerability score.

Read More

February 4, 2025

Mobile Indian Cyber Heist: FatBoyPanel And His Massive Data Breach

Our zLabs research team has discovered a mobile malware campaign consisting of almost 900 malware samples primarily targeting users of Indian banks.

Read More

January 31, 2025

Zimperium’s Protection Against Tria Stealer’s SMS Data Theft

As part of our ongoing mission to identify emerging threats to mobile security, our zLabs team shares how we can help protect you against Tria Stealer.

Read More

January 27, 2025

Zimperium’s Comprehensive Protection Against Fake SBI Reward Banking Trojan

As part of our ongoing mission to identify emerging threats to mobile security, our zLabs team shares how we can help protect you against fake SBI Reward banking trojan.

Read More

January 24, 2025

Hidden in Plain Sight: PDF Mishing Attack

As part of our ongoing mission to identify emerging threats to mobile security, our zLabs team has been actively tracking a phishing campaign impersonating the United States Postal Service (USPS) which is exclusively targeting mobile devices.

Read More

December 19, 2024

How Zimperium Can Help With Advanced Spyware Such as NoviSpy

Discover how Zimperium can help with advanced spyware such as NoviSpy.

Read More

September 26, 2024

Zimperium Detects New Android Spyware Targeting South Korea

Security researchers at Cyble have uncovered a new Android spyware campaign primarily targeting individuals in South Korea. This sophisticated malware, masquerading as legitimate applications, poses a significant threat to user privacy and data security.

Read More

July 1, 2024

Unmasking Rafel RAT: Android Infiltration Campaign

Application sideloading opens the door to significant security vulnerabilities increasing the attack surface users are exposed to.

Read More

May 1, 2024

More Malware May be Exposed to iOS Devices Because of Supreme Court Ruling

According to The Wall Street Journal’s article Apple Loses Bid to End App Antitrust Case in Supreme Court, “Consumers can sue Apple Inc. for forcing them

Read More

May 3, 2023

BouldSpy: A New Android Surveillance Tool

Learn about BouldSpy, a newly discovered Android surveillance tool, and how Zimperium's on-device machine-learning technology can protect you.

Read More

October 5, 2022

We Smell A RatMilad Android Spyware

The Zimperium zLabs research team discovered spyware targeting Middle Eastern enterprise mobile devices and began monitoring the activity of a novel Android spyware family that we have since named RatMilad. Learn how Zimperium zIPS customers are protected against RatMilad spyware. Read more.

Read More

January 26, 2022

Financially Motivated Mobile Scamware Exceeds 100M Installations

Research by Aazim Bill SE Yaswant and Nipun Gupta While some financially motivated scams may seem simple on the surface, the truth of the matter is that

Read More

January 25, 2022

BRATA Android Trojan Returns with Fury

Share this blog Marking its most aggressive comeback to the Android ecosystem since its discovery in 2019, the BRATA Android malware has targeted global vi

Read More

December 16, 2021

Zimperium and Intertrust Partner to Provide End-to-End Security for IoT devices

Zimperium and Intertrust’s partnership offers best-in-class protection for edge devices in trusted data ecosystems Today, Zimperium and Intertrust

Read More

November 30, 2021

Why the Software Bill Of Materials(SBOM) Must Extend to the Mobile App Supply Chain

  Supply Chain attacks are not a new problem, but their frequency has been increasing since 2013 when Target was breached. But the recent attacks on

Read More

November 10, 2021

PhoneSpy: The App-Based Cyberattack Snooping South Korean Citizens

Update November 22, 2021: It has been determined that this specific campaign is no longer active. The command and control server has been taken down, and

Read More

September 29, 2021

GriftHorse Android Trojan Steals Millions from Over 10 Million Victims Globally

Research and writeup by Aazim Yaswant and Nipun Gupta With the increase of mobile device use in everyday life, it is no surprise to see cybercriminals

Read More

August 9, 2021

FlyTrap Android Malware Compromises Thousands of Facebook Accounts

A new Android Trojan codenamed FlyTrap has hit at least 140 countries since March 2021 and has spread to over 10,000 victims through social media

Read More

May 5, 2021

Flubot vs. Zimperium

Over the past few weeks, reports of the newest aggressive malware family to impact Android devices have made the rounds. Flubot, the credential and

Read More

April 13, 2021

Android Trojans Infect APKPure and Huawei App Stores

Two new active and aggressive Android Trojan variants have been discovered in the wild, impacting users taking advantage of two alternatives, non-Google

Read More

November 6, 2019

Zimperium and Google Partner to Fight Bad Apps through App Defense Alliance

We are thrilled to announce Google has selected us to help ensure the safety of the millions of apps in the Google Play Store through its App Defense

Read More

August 15, 2019

What exactly is a mobile ______ attack?

Mobile devices contain or have access to the same information as traditional endpoints. While billions of dollars have been spent protecting and securing

Read More

August 13, 2019

To Be...Protected, or not To Be...Protected. That is the Question.

These last few days could have CIOs and CISOs very nervous. Two news stories about mobile devices pose real threats for enterprises around the world: From

Read More

July 26, 2019

Zimperium Customers Protected From Monokle Malware

According to Threatpost, another new malicious Android app - dubbed “Monokle”- is gaining attention. While Monokle has some interesting capabilities

Read More

July 15, 2019

Latest Android Malware is Not a Surprise; Zimperium Customers Protected

According to news reports, a new strain of Android malware has infected 25 million devices and modified legitimate apps with a malicious ads module.  

Read More

June 14, 2019

WhatsApp Buffer Overflow Vulnerability: Under the Scope

Researcher: Chilik Tamir (@_coreDump)   Recently, Zimperium blogged about the new WhatsApp vulnerability disclosed by Facebook on May 13th. This

Read More

March 8, 2019

Zimperium Webinar Series: Seven Deadly (Mobile Security) Sins… According to CISOs

Zimperium, a global leader in enterprise mobile threat defense (MTD) and a leading provider of real-time, on-device protection against known and unknown

Read More

February 28, 2019

Machine Learning vs Signatures, Round N: Once Again, Zimperium Detects Malware No One Else Does

Analysis & Post By: Alex Calleja (@alximw) Matteo Favaro (@fvrmatteo)     Advertising and click fraud campaigns are one of the most common

Read More

February 26, 2019

Zimperium Integrates with IBM MaaS360 with Watson

We recently blogged about the enterprise requirement for mobile threat defense (MTD) solutions to support various, and often multiple Mobile Device

Read More

December 4, 2018

Zimperium Scales into the Billions (that’s with a “B”)

Seven thousand events per second. Six hundred million events per day. Two hundred billion (that’s with a “B”) events per year. That is how many events

Read More

November 9, 2018

CVE-2018-9539: Use-after-free vulnerability in privileged Android service

As part of our platform research in Zimperium zLabs, I have recently discovered a vulnerability in a privileged Android service called MediaCasService and

Read More

November 8, 2018

Your App, Our Security: Zimperium Launches Latest Version of Machine Learning-Based Security for Mobile Apps

Zimperium is announcing the availability of the latest version of zIAP, our industry-leading, machine learning-based mobile security solution developed

Read More

October 30, 2018

CVE-2018-9411: New critical vulnerability in multiple high-privileged Android services

As part of our platform research in Zimperium zLabs, I have recently disclosed a critical vulnerability affecting multiple high-privileged Android

Read More

September 19, 2018

Fake Play Market: Zimperium’s z9 against Social Engineering Attack Vectors

Analysis & Post By: Alex Calleja (@alximw) Matteo Favaro (@fvrmatteo) Introduction Since the beginning of 2018, researchers in Zimperium’s zLabs have

Read More

September 11, 2018

Zimperium Announces Support for Google Cloud

Zimperium is proud to be the global leader in enterprise mobile security. While many of our detection and architectural innovations have come from the

Read More

August 7, 2018

zLabs at BSides Las Vegas: Where Android security helps and fails

This week at BSides Las Vegas, zLabs' security researcher, Tamir Zahavi-Brunner (@tamir_zb) is conducting a session titled "Treble or Trouble: Where

Read More

June 29, 2018

RAMpage: The Latest Rowhammer-esque Android Vulnerability

On June 28th, a group of eight academics across three different universities released a research paper outlining a new Android vulnerability called

Read More

March 14, 2018

Threat Advisory: RedDrop

RedDrop is another in the long line of Android spyware apps. The malware has captured attention because of its ability to turn on microphones and

Read More

January 22, 2018

Threat Advisory: Skygofree

Skygofree, another in the long line of Android based spyware, is being touted as one of the most advanced targeted surveillance tools ever seen on mobile

Read More

December 15, 2017

BankBot & Friends: Phishing Mobile Customers Like You Soon

Back in April of 2017, researchers discovered a new form of Android-targeting malware using fake overlay screens to mimic existing banking apps and steal

Read More

November 7, 2017

Clicking Bot Applications

Cyber crime, like any crime, has its motives; each malware has its own malicious profit. Spyware spies on you. Ransomware demands a ransom to decrypt your

Read More

October 17, 2017

Validating Machine Learning Detection of Mobile Malware with Zimperium’s z9

Zimperium’s core machine learning engine, z9, has a proven track record of detecting zero-day exploits. We recently announced an extension of the

Read More

August 10, 2017

Fake Snapchat in Google Play Store

Zimperium discovered and reported a fake version of the popular Snapchat app in the official Google Play Store; At the time of our discovery, it was the

Read More

August 9, 2017

ZPI: One approach to rule them all

In 1975, a book was published that changed the way we approach complex problems. Inspired on how nature works "Adaptation in Natural and Artificial

Read More

July 11, 2017

Zero Packet Inspection

Introduction In this blogpost I describe the history of z9, our detection engine. I will show its performance over reference data sets commonly used in

Read More

July 11, 2017

zIPS and "Android for Work"

zIPS, the leading mobile threat defense solution, now provides tailored protection for Android for Work use cases. Enterprise IT and security

Read More

May 25, 2017

NDAY-2017-0106: Elevation of Privilege in NVIDIA nvhost-vic driver

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) zNID: NDAY-2017-0106 CVE: CVE-2016-2434 Type:

Read More

May 25, 2017

N-Days Exploits: NDAY-2017-0103 Arbitrary kernel write in sys_oabi_epoll_wait

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) zNID: NDAY-2017-0103 CVE: CVE-2016-3857 Type:

Read More

April 25, 2017

Threat Research: FalseGuide

This Threat Research is about the recently (re)discovered “FalseGuide” threat found in Google Play. FalseGuide is a form of malware that has been hidden

Read More

April 25, 2017

NDAY-2017-0105: Elevation of Privilege Vulnerability in MSM Thermal Driver

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) Following our announcement on the N-Days Exploit

Read More

April 25, 2017

NDAY-2017-0102: Elevation of Privilege Vulnerability in NVIDIA Video Driver

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) Following our announcement on the N-Days Exploit

Read More

March 16, 2017

Threat Research: Pre-Installed Android Malware

This Threat Research is about the recently discovered “Pre-installed Android Malware” threat. At least 36 high-end smartphone models belonging to popular

Read More

March 9, 2017

“Vault 7”: Nation-states have the same tools as hackers-for-hire, so what?

Yesterday, WikiLeaks published documents suggesting the CIA had access to, and developed, tools that can be used to hack smartphones and other Internet

Read More

December 1, 2016

Analysis of multiple vulnerabilities in AirDroid

Reported by: Simone Margaritelli Security Researcher at Zimperium zLabs Edit: 11:02AM PDT: added exploit POC code below the disclosure timeline. Edit2:

Read More