Posts in "Android"

zLabs at BSides Las Vegas: Where Android security helps and fails

This week at BSides Las Vegas, zLabs’ security researcher, Tamir Zahavi-Brunner (@tamir_zb) is conducting a session titled “Treble or Trouble: Where Android’s latest security enhancements help, and where they fail.” Tamir’s work is another example of why zLabs is recognized as the world’s most qualified and talented collection of researchers focused 100% exclusively on mobile Here is the abstract for Tamir’s … Read More

RAMpage: The Latest Rowhammer-esque Android Vulnerability

On June 28th, a group of eight academics across three different universities released a research paper outlining a new Android vulnerability called “RAMpage”.  It’s a variation of previous attacks that use the Rowhammer hardware vulnerability to run malicious code by changing what’s stored in a device’s memory (RAM) and has the potential of data loss … Read More

Threat Advisory: RedDrop

RedDrop is another in the long line of Android spyware apps. The malware has captured attention because of its ability to turn on microphones and exfiltrate sensitive data, but unfortunately that doesn’t make it unique. While there appears to be an elaborate network behind it, RedDrop is simply another Android spyware variant that utilizes well-known … Read More

Threat Advisory: Skygofree

Skygofree, another in the long line of Android based spyware, is being touted as one of the most advanced targeted surveillance tools ever seen on mobile devices. Skygofree is designed to enable surveillance and full device control by remote attackers. On unprotected mobile devices, Skygofree allows attackers to perform advanced attacks including location-based sound recording, … Read More

BankBot & Friends: Phishing Mobile Customers Like You Soon

Back in April of 2017, researchers discovered a new form of Android-targeting malware using fake overlay screens to mimic existing banking apps and steal user credentials. Distributed as benign apps in Google Play, BankBot-infected apps were posing as 20 entertainment and mobile banking apps. This first version of BankBot targeted a small number of institutions. In October … Read More