Webinar reveals why leading critical national infrastructure enterprises are implementing mobile threat defense. Zimperium is providing mobile security for electric utilities and other critical national infrastructure (CNI) enterprises. Customers, media and the general public watching the live webinar will discover why mobile devices are a security risk to these enterprises. […]
Currently browsing: Mobile Malware
Threat Advisory: Skygofree
Skygofree, another in the long line of Android based spyware, is being touted as one of the most advanced targeted surveillance tools ever seen on mobile devices. Skygofree is designed to enable surveillance and full device control by remote attackers. On unprotected mobile devices, Skygofree allows attackers to perform advanced […]
BankBot & Friends: Phishing Mobile Customers Like You Soon
Back in April of 2017, researchers discovered a new form of Android-targeting malware using fake overlay screens to mimic existing banking apps and steal user credentials. Distributed as benign apps in Google Play, BankBot-infected apps were posing as 20 entertainment and mobile banking apps. This first version of BankBot targeted a small […]
Fake WhatsApp… and the Real Malware zLabs Discovered
On November 3, 2017, some users of Reddit noticed two WhatsApp applications with the same developer name “WhatsApp Inc.” and started to investigate what looked like a fake update for the WhatsApp application. They quickly realized that the application has been downloaded more than one million times. As a part […]
Clicking Bot Applications
Cyber crime, like any crime, has its motives; each malware has its own malicious profit. Spyware spies on you. Ransomware demands a ransom to decrypt your private digital data. Phishing Malware phishes for your username, password or account numbers. Installation-fraud achieves fake software installations. Ad fraud fraudulently represents online advertisement […]
Detecting DoubleLocker Ransomware
What is DoubleLocker? Security researchers at ESET discovered a new ransomware infecting Android phones called DoubleLocker. DoubleLocker is an exploit that encrypts data on the infected device and then changes the device PIN to a random number. Victims remain locked out of their device unless they pay a ransom to the hackers. DoubleLocker spreads […]
Validating Machine Learning Detection of Mobile Malware with Zimperium’s z9
Zimperium’s core machine learning engine, z9, has a proven track record of detecting zero-day exploits. We recently announced an extension of the framework that detects previously unknown mobile malware. This extension is known as “z9 for Mobile Malware”, and was officially announced in September 2017. Internally, the code name has […]
Fake Snapchat in Google Play Store
Zimperium discovered and reported a fake version of the popular Snapchat app in the official Google Play Store; At the time of our discovery, it was the second result when searching for “Snapchat”. The fake version of Snapchat app is using “Snap Inc .” as Company Name, with a ” […]
Zero Packet Inspection
Introduction In this blogpost I describe the history of z9, our detection engine. I will show its performance over reference data sets commonly used in the machine learning community. I’ll then describe how we apply it to detect networks attacks without any type of packet inspection. Eventually, we encourage you to participate by helping […]
Threat Research: FalseGuide
This Threat Research is about the recently (re)discovered “FalseGuide” threat found in Google Play. FalseGuide is a form of malware that has been hidden in more than 40 game guide apps in Google Play since February 2017. According to reports, approximately 600,000 devices may have been infected before the known […]
Mobile Security Updates
Receive Zimperium proprietary research notes and vulnerability bulletins in your inbox