App Stores that Formerly Coddled ZNIU Found Distributing a New iXintpwn/YJSNPI Variant
by Lilang Wu, Ju Zhu, and Moony Li
We covered iXintpwn/YJSNPI in a previous blog post and looked into how it renders an iOS device unresponsive by overflowing it with icons. This threat comes in the form of an unsigned profile that crashes the standard application that manages the iOS home screen when installed. The […]
Android Mobile Ransomware: Bigger, Badder, Better?
By Lorin Wu (Mobile Threat Analyst)
The mobile threat landscape isn’t just rife with information stealers and rooting malware. There’s also mobile ransomware. While it seems they’re not as mature as their desktop counterparts, what with the likes of WannaCry and Petya, the increasing usage of mobile devices, particularly by businesses, will naturally draw more […]
OSX Malware Linked to Operation Emmental Hijacks User Network Traffic
The OSX_DOK malware (detected by Trend Micro as OSX_DOK.C) showcases sophisticated features such as certificate abuse and security software evasion that affect machines using Apple’s OSX operating system. This malware, which specifically targets Swiss banking users, uses a phishing campaign to drop its payload, which eventually results in the hijacking of a user’s network […]
Fake WannaCry Protection Apps Hit the Google Play Store
WannaCry was the ransomware attack heard around the world. It impacted more than 150 countries and infected over 250,000 devices running Windows programs. It didn’t, however, affect devices running Android software. But that’s not what some app developers want you to believe, as rogue WannaCry ‘protectors’ have begun to offer protection apps on Google Play […]
PUA Operation Spreads Thousands of Explicit Apps in the Wild and on Legitimate App Stores
One of the most popular ways to make money online is through pornography—whether through legitimate distribution or different online scams. Last year we detected a new variant of the Marcher Trojan targeting users through porn sites, and the year before that popular porn apps were used as lures to compromise millions of mobile users in […]
A Reflection on Mobile World Congress
As the dust settles on another busy year at Mobile World Congress, it’s important to reflect not just on the conference itself, but also the key takeaways for the security and consumer tech industry. MWC is seen by many as the key event for the mobile industry, but one thing I realised this year is […]
Mobile malware evolution 2016
The year in figures: In 2016, Kaspersky Lab detected the following: 8,526,221 malicious installation packages; 128,886 mobile banking Trojans; 261,214 mobile ransomware Trojans. Trends of the year: Growth in the popularity of malicious programs using super-user rights, primarily advertising Trojans. Distribution of malware via Google Play and advertising services. Emergence of new ways to bypass […]
Mobile World Congress: The Evolution of Mobile Security Through the Years
As I prep for Mobile World Congress, I’ve done some reflecting on my very first cell phone. Whether it was my very first, a Motorola flip phone, then Nokia’s indestructible brick phone, followed by the first-gen iPhone, one thing is certain today: what lives in the palm of my hand has advanced light-years beyond its […]
Mobile apps and stealing a connected car
The concept of a connected car, or a car equipped with Internet access, has been gaining popularity for the last several years. The case in point is not only multimedia systems (music, maps, and films are available on-board in modern luxury cars) but also car key systems in both literal and figurative senses. By using […]
In Review: 2016’s Mobile Threat Landscape Brings Diversity, Scale, and Scope
65 million: the number of times we’ve blocked mobile threats in 2016. By December 2016, the total number of unique samples of malicious Android apps we’ve collected and analyzed hit the 19.2 million mark—a huge leap from the 10.7 million samples collected in 2015. Indeed, the ubiquity of mobile devices among individual users and organizations, […]
The Most Important Mobile Security Resolutions for 2017
January gets a bad rap. A dreary month, the air is bitterly cold, and the days are so short that you could miss the daylight in the blink of an eye. At the same time, we try to stay positive and stick to our resolutions for the new year. The common promises to eat better, […]
UK mobile operator loses phones following data breach
In a twist, thieves in the U.K. hacked personal data to steal high-end smartphones, rather than hacking phones to steal personal data. The thefts came to light after mobile network operator Three noticed a recent increase in levels of handset fraud, the company said Friday. By accessing the system Three uses to manage handset upgrades, […]
App Store Flooded with Phony Retail Apps to Kick Off Holiday Season
The holiday season has officially kicked off, which means a number of things for many of us: seasonal cheer, quality time with loved ones, and admittedly for many, lots and lots of shopping. And these days, many holiday retail sales are happening online. Unfortunately, that also means now more than ever, there’s more holiday-related […]
Rooting Pokémons in Google Play Store
A few days ago we reported to Google the existence of a new malicious app in the Google Play Store. The Trojan presented itself as the “Guide for Pokémon Go”. According to the Google Play Store it has been downloaded more than 500,000 times. Our data suggests there have been at least 6,000 successful infections, […]
Gugi: from an SMS Trojan to a Mobile-Banking Trojan
In the previous article, we described the mechanisms used by Trojan-Banker.AndroidOS.Gugi.c to bypass a number of new Android 6 security features. In this article, we review the entire Gugi mobile-banking Trojan family in more detail. The use of WebSocket by Gugi: The mobile-banking Trojan family, Trojan-Banker.AndroidOS.Gugi, is interesting due to its use of the WebSocket […]
What this expensive ‘secure’ phone tells us about mobile hacking
Mobile security is a bit of a misnomer. Few of us can say we’ve been attacked by a piece of malware or have quarantined an actual virus. The odds are stacked against us. Mobile operators like Verizon and Sprint routinely scan for threats, and both Google Android and the Apple iPhone include multiple security measures […]
More information
- Macros big again with cybercriminals
- Researchers Unveiled a New, Serious Vulnerability In Tor
- Cybercriminals are increasingly abusing .eu domains in attacks
- Hacking gang stole millions in cryptocurrency via SIM swaps
- CloudFlare aims to simplify SSL encryption with free service
- Serious Security: The decade-ending “Y2K bug” that wasn’t
- Malware Mines, Steals Cryptocurrencies From Victims
- SSCC 112 – Keyjacking, Facebook and Opera breaches, Apple’s WPA passwords [PODCAST]
- Kemoge malware: Yet another reason not to use unofficial Android app installs
- Meet the Self-Driving Car Built for Human-Free Racing