All posts by Matteo Favaro

Author: Matteo Favaro


SATURN Software deobfuscation framework based on LLVM

For a variety of security reasons, obfuscating code is a best practice for mobile app developers. Legitimate app developers use obfuscation to protect intellectual property and prevent attacks against their code, and malware providers use it to hide malicious capabilities. Not surprisingly, in the cat-and-mouse game of cybersecurity, this […]


Fake BBC News App: Analysis

On February 26, 2018, we received a notification from the detection system about a malicious sample with a suspicious package and Play Store name. We quickly verified the automatic analysis and confirmed the sample was actively trying to scam users into downloading it instead of the original BBC […]


Dissecting mobile native code packers. A case study.

As mobile malware advances to the levels of desktop malware, it’s not uncommon to stumble upon protected APKs while analysing malware. Most of the time, the sample is simply obfuscated via class/variable name stripping from the DEX file and/or string obfuscation; but other times several layers divide the researcher from […]


Fake WhatsApp… and the Real Malware zLabs Discovered

On November 3, 2017, some users of Reddit noticed two WhatsApp applications with the same developer name “WhatsApp Inc.” and started to investigate what looked like a fake update for the WhatsApp application. They quickly realized that the application had been downloaded more than one million times. As a part […]

