Posts in "Mobile Malware"

Validating Machine Learning Detection of Mobile Malware with Zimperium’s z9

Zimperium’s core machine learning engine, z9, has a proven track record of detecting zero-day exploits. We recently announced an extension of the framework that detects previously unknown mobile malware. This extension is known as “z9 for Mobile Malware”, and was officially announced in September 2017. Internally, the code name has been “Cogito”, so this research … Read More

Fake Snapchat in Google Play Store

Zimperium discovered and reported a fake version of the popular Snapchat app in the official Google Play Store; At the time of our discovery, it was the second result when searching for “Snapchat”. The fake version of Snapchat app is using “Snap Inc .” as Company Name, with a  ” .” appended to original name. … Read More

Zero Packet Inspection

Introduction In this blogpost I describe the history of z9, our detection engine. I will show its performance over reference data sets commonly used in the machine learning community. I’ll then describe how we apply it to detect networks attacks without any type of packet inspection. Eventually, we encourage you to participate by helping us gather and validate performance data from … Read More

Threat Research: FalseGuide

This Threat Research is about the recently (re)discovered “FalseGuide” threat found in Google Play. FalseGuide is a form of malware that has been hidden in more than 40 game guide apps in Google Play since February 2017. According to reports, approximately 600,000 devices may have been infected before the known versions of the malware were … Read More

NDAY-2017-0102: Elevation of Privilege Vulnerability in NVIDIA Video Driver

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) Following our announcement on the N-Days Exploit Acquisition Program for smartphones, we are delighted to share the first couple of submissions. We received many submissions and we’re in the process of sharing them with ZHA followed by a public disclosure. We plan to release additional … Read More