Research by Aazim Bill SE Yaswant and Nipun Gupta While some financially motivated scams may seem simple on the surface, the truth of the matter is that cybercriminals are investing large amounts of money into strategies and infrastructure to scale up their malicious campaigns. Those investments are paying off as […]
A new Android Trojan codenamed FlyTrap has hit at least 140 countries since March 2021 and has spread to over 10,000 victims through social media hijacking, third-party app stores, and sideloaded applications. Zimperium’s zLabs mobile threat research teams recently found several previously undetected applications using Zimperium’s z9 malware engine and […]
Over the past few weeks, reports of the newest aggressive malware family to impact Android devices have made the rounds. Flubot, the credential and banking malware family, uses SMS phishing techniques to propagate to its victims, purporting to be various vendors and delivery services. The group behind this aggressive malware […]
Two new active and aggressive Android Trojan variants have been discovered in the wild, impacting users taking advantage of two alternatives, non-Google Play app stores (“third-party” app stores). The discoveries are examples of how malware can spread through other sources outside of Google Play, and highlight the importance of sideloading […]
Another week, and another major mobile security risk. A few weeks ago, Zimperium zLabs researchers disclosed unsecured cloud configurations exposing information in thousands of legitimate iOS and Android apps (you can read more about it in our blog). This week, zLabs is warning Android users about a sophisticated new malicious […]
Abstract When approaching the development of a mobile application, one of the key design decisions revolves around the server side aspect of the application. Specifically, storage of information relevant to the app’s usage, as well as the backend API’s allowing the app to query the server for information in real […]
When most people think of Zimperium, they may recognize us as the leader in enterprise mobile device and app security. Or, they have seen the recent news on the Defense Information Systems Agency (DISA), a U.S. Department of Defense (DoD) organization, selecting us to deliver comprehensive Mobile Endpoint Protection (MEP) […]
Nearly 75% used AT&T or AT&T and Yahoo logos Scammers – masquerading as more than 25 different companies, brands and government agencies – used 265 Google Forms in an effort to steal user passwords and credentials. According to our findings, the links remained active for several months after being added […]
2020 has been crazy… to say the least. But in many ways, 2020 has thrust a huge spotlight on something we’ve known for quite some time – – mobile threats are real and mobile devices and apps need protection. It truly is crazy how many stories we’ve seen – and […]
The U.S. is “looking at” banning TikTok and other Chinese social media apps, Secretary of State Mike Pompeo told Fox News on Monday. This comes on the heels of TikTok and other “questionable” apps being taken down from Apple’s App Store and Google Play in India. The India Ministry of […]
Receive Zimperium proprietary research notes and vulnerability bulletins in your inbox