Posts in "Mobile Malware"

Zimperium’s z9 Engine Detected the Recent Adware with Rooting Capabilities without an Update

Last week, a new strain of trojan adware was discovered, bearing automatic device-rooting capabilities that make it  almost impossible to remove from affected Android devices. This malware, dubbed Shuanet is another example of increasing sophistication in mobile threats. Shuanet is the third family in a trilogy of recently discovered malicious adware that disguises itself as … Read More

zYiRemoval – Free tool to remove YiSpecter

By:Nikias Bassen Follow Nikias Bassen (@pimskeks) An enterprise security vendor, Palo Alto Networks,  followed up on a threat discovered by Cheetah Mobile and Qihoo360, and identified a malware spreading through social media and other channels. This malware, named YiSpecter, is abusing enterprise code signing to trick the user into installing a malicious app. Following Zimperium’s … Read More

How to Protect from StageFright Vulnerability

Earlier this week, Zimperium (@ZIMPERIUM), the leader in mobile threat protection, unveiled a major vulnerability in Android – Stagefright. Joshua Drake (@jduck), VP of Platform Research and Exploitation and a senior member of Zimperium zLabs, proactively studied the code. According to a few firms, other people have identified vulnerabilities in Stagefright which lead us to … Read More

Zimperium customers are safe from Samsung Keyboard Security Risk

A potential security risk has been discovered on a large number of Android Smartphones as discovered by Nowsecure. Some of the latest devices, such as Samsung Galaxy S6, and Galaxy S5, come pre-loaded with a third-party keyboard app, SwiftKey, which fetches an update over unsecure and invalidated channel. This allows the attacker on the same Wifi … Read More

Telegram App Store Secret-Chat Messages in Plain-Text Database

EDIT: The following post * was not on a rooted or jailbroken device *. In order to access the plain-text secret-chat database containing the messages, we used our implementation of CVE-2014-3153. The claims that the device is rooted / jailbroken are incorrect and misleading. I will start by quoting CryptoFail blog “Telegram is an encrypted … Read More