Posts in "App Security"

BankBot & Friends: Phishing Mobile Customers Like You Soon

Back in April of 2017, researchers discovered a new form of Android-targeting malware using fake overlay screens to mimic existing banking apps and steal user credentials. Distributed as benign apps in Google Play, BankBot-infected apps were posing as 20 entertainment and mobile banking apps. This first version of BankBot targeted a small number of institutions. In October … Read More

Clicking Bot Applications

Cyber crime, like any crime, has its motives; each malware has its own malicious profit. Spyware spies on you. Ransomware demands a ransom to decrypt your private digital data. Phishing Malware phishes for your username, password or account numbers. Installation-fraud achieves fake software installations. Ad fraud fraudulently represents online advertisement impressions, clicks, conversion or data … Read More

Analysis of multiple vulnerabilities in AirDroid

  Reported by: Simone Margaritelli Security Researcher at Zimperium zLabs Edit: 11:02AM PDT: added exploit POC code below the disclosure timeline. Edit2: 06:01PM PDT: edited timeline to reflect 4.0.0 and 4.0.1 release dates and confirming that both versions are still vulnerable. Edit3: Dec 12th, 2016, 10:41AM PDT: edited timeline to reflect security testing on 4.0.2 … Read More

Pokémon Go: the Security Cost of Catching ’em All

For the past two weeks, full-grown adults, college students and children have all been roaming around the country in search of Pokémon (gotta catch ’em all, right?). This augmented reality mobile phenomenon has removed people from their home and encouraged them to explore their neighborhoods, but catching them all has come at a cost: beyond … Read More