On December 3rd, Christopher Bing and Joseph Menn at Reuters disclosed that iPhones of numerous U.S. State Department employees were hacked by an unknown assailant using Pegasus spyware developed by the Israel-based NSO Group. While it may be easy to dismiss this as a geopolitical or nation-state incident, it would […]
Update November 22, 2021: It has been determined that this specific campaign is no longer active. The command and control server has been taken down, and the infected devices are no longer under the control of the attackers. Many of the malware campaigns we have detected over the last year […]
Research and writeup by Aazim Yaswant and Nipun Gupta With the increase of mobile device use in everyday life, it is no surprise to see cybercriminals targeting these endpoints for financial crimes. Zimperium zLabs recently discovered an aggressive mobile premium services campaign with upwards of 10 million victims globally, and […]
A massive data leak revealed an iOS spyware malware called Pegasus had been used by authoritative governments to target over 50,0000 journalists, activists, and legal professionals from over 50 countries. Pegasus, which was produced and distributed by the Israeli surveillance company NSO Group, is malware that infects iPhone devices enabling […]
Would you trust an application on your device from a third-party app store? Would you trust that same app store on the endpoints connected to your corporate infrastructure? The premise of a third-party app store is relatively innocent on the surface, with hundreds of repositories set up to enable mobile […]
Over the past few weeks, reports of the newest aggressive malware family to impact Android devices have made the rounds. Flubot, the credential and banking malware family, uses SMS phishing techniques to propagate to its victims, purporting to be various vendors and delivery services. The group behind this aggressive malware […]
Two new active and aggressive Android Trojan variants have been discovered in the wild, impacting users taking advantage of two alternatives, non-Google Play app stores (“third-party” app stores). The discoveries are examples of how malware can spread through other sources outside of Google Play, and highlight the importance of sideloading […]
Another week, and another major mobile security risk. A few weeks ago, Zimperium zLabs researchers disclosed unsecured cloud configurations exposing information in thousands of legitimate iOS and Android apps (you can read more about it in our blog). This week, zLabs is warning Android users about a sophisticated new malicious […]
As part of Google’s App Defense Alliance, Zimperium helps make the Android ecosystem safer by processing all apps before they reach Google Play. However, malicious applications can find their way to user’s devices through third party stores, sideloaded applications and malicious websites that trick users into downloading and installing apps. […]
What is it? BlackRock – an advanced Android malware derived from Xeres malware – evades detection and steals login credentials or credit card data from 337 different mobile banking, shopping, lifestyle, and video apps. BlackRock was disclosed in July 2020 by ThreatFabric. The Zimperium z9 engine had begun detecting early […]
Receive Zimperium proprietary research notes and vulnerability bulletins in your inbox