‘Quadrooter’ is a group of four vulnerabilities affecting specific Android devices leveraging the Qualcomm chipset and associated driver code. These four vulnerabilities are a small part of the 36 vulnerabilities reported from the same class of bug (privilege escalation) for the same vendor (Qualcomm) that were fixed as part of […]
All posts tagged: Android
Zimperium Applauds Google’s Rapid Response to Unpatched Kernel Exploit
On March 15th, Zimperium’s zIPS Mobile Threat Protection solution identified a zero-day mobile attack and its zLabs research team immediately reported the exploit to the Android Security Team. The reported attack is delivered via a publicly-available rooting application, KingRoot, using an unpatched local elevation of privilege vulnerability in the kernel reported […]
Taking a Deeper Dive into Leech: One of the Three Families of Malware Dubbed as Triada
Triada is now the “umbrella” name for the three mobile Trojan families – Ztorg, Gorpo and Leech – that, as we mentioned before, primarily exploit users of Android 4.4.4 and earlier versions of the mobile OS. In this blog post, the zLabs team presents specifically the findings from our testing […]
Reflecting on Recent iOS and Android Security Updates
By:Zuk Avraham Follow Zuk Avraham (@ihackbanme)Joshua Drake Follow Joshua Drake (@jduck)Nikias Bassen Follow Nikias Bassen (@pimskeks) The last thirty days proven to be yet another exciting time for the mobile security ecosystem. Apple and Google released updates for their respective mobile operating systems that fix several critical issues — including […]
Zimperium’s z9 Engine Detected the Recent Adware with Rooting Capabilities without an Update
Last week, a new strain of trojan adware was discovered, bearing automatic device-rooting capabilities that make it almost impossible to remove from affected Android devices. This malware, dubbed Shuanet is another example of increasing sophistication in mobile threats. Shuanet is the third family in a trilogy of recently discovered malicious […]
Zimperium zLabs is Raising the Volume: New Vulnerability Processing MP3/MP4 Media.
By:Zuk Avraham Follow Zuk Avraham (@ihackbanme)Joshua Drake Follow Joshua Drake (@jduck)Nikias Bassen Follow Nikias Bassen (@pimskeks) Following our discovery of vulnerabilities in the Stagefright library in April, Zimperium Mobile Threat Protection, zLabs VP of Research Joshua J. Drake continued researching media processing in Android. His continued research, which focused on remote […]
ZHA – Accelerating roll-out of Security Patches
By:Zuk Avraham Follow Zuk Avraham (@ihackbanme)Joshua Drake Follow Joshua Drake (@jduck)Yaniv Karta Follow Yaniv Karta (@shokoluv) Reflecting on our collective experiences in the Android ecosystem, especially recent events around Stagefright, we were reminded of several deficiencies in the way that Android security update ecosystem works. To help address these issues, […]
How to Protect from StageFright Vulnerability
Earlier this week, Zimperium (@ZIMPERIUM), the leader in mobile threat protection, unveiled a major vulnerability in Android – Stagefright. Joshua Drake (@jduck), VP of Platform Research and Exploitation and a senior member of Zimperium zLabs, proactively studied the code. According to a few firms, other people have identified vulnerabilities in […]
Cutting Through The Weekly Mobile Security Noise: The Rise of Android Threats
The rise of Android-developed malware is creating a serious problem for organizations. Research firm Strategy Analytics found that “81.3 percent of smartphones sold in the third quarter of 2013 were powered by Android” and that number is continuing to soar. The increasing popularity of these devices is attracting cyber criminals […]
What Verizon Missed in the Latest Threat Report
By: Zuk Avraham, Joshua Drake, Yaniv Karta, Jimmy Shah (To download the detailed report, click here) Recently, Verizon published a report that says that malware on mobile is not an issue. We strongly suggest Verizon and other enterprises not underestimate the scale of one percent. The sheer number of mobile […]