Posts in "Mobile Malware"

NDAY-2017-0105: Elevation of Privilege Vulnerability in MSM Thermal Driver

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) Following our announcement on the N-Days Exploit Acquisition Program for smartphones, we are delighted to share the first couple of submissions. We received many submissions and we’re in the process of sharing them with ZHA followed by a public disclosure. We plan to release additional … Read More

Zimperium users are safe from Gooligan

Zimperium users are safe from Gooligan. A new threat, called Gooligan, which is a family of Android-based malware, has compromised more than 1M Google accounts — and many of those are enterprise users. “Not surprisingly, a malware, spread in unofficial markets, can create real damage,” said Zimperium founder and CTO, Zuk Avraham. Gooligan fully compromised the … Read More

Will the Real Hummer Trojan Please Stand Up?

Several researchers have reported on the discovery of Hummer Trojan, as one calls it, or HummingBad as another calls it. Another said it was also known as Shedun. Zimperium’s customers are safe from this recently discussed threat even before these threats were published. The attack was detected through our z9 machine learning engine without requiring … Read More

Pokémon Go: the Security Cost of Catching ’em All

For the past two weeks, full-grown adults, college students and children have all been roaming around the country in search of Pokémon (gotta catch ’em all, right?). This augmented reality mobile phenomenon has removed people from their home and encouraged them to explore their neighborhoods, but catching them all has come at a cost: beyond … Read More

Zimperium Applauds Google’s Rapid Response to Unpatched Kernel Exploit

On March 15th, Zimperium’s zIPS Mobile Threat Protection solution identified a zero-day mobile attack and its zLabs research team immediately reported the exploit to the Android Security Team. The reported attack is delivered via a publicly-available rooting application, KingRoot, using an unpatched local elevation of privilege vulnerability in the kernel reported as CVE-2015-1805. Affected devices are … Read More