Currently browsing: Mobile Malware

Detecting DoubleLocker Ransomware

What is DoubleLocker? Security researchers at ESET discovered a new ransomware infecting Android phones called DoubleLocker. DoubleLocker is an exploit that encrypts data on the infected device and then changes the device PIN to a random number. Victims remain locked out of their device unless they pay a ransom to the hackers. DoubleLocker spreads […]

Read more

Validating Machine Learning Detection of Mobile Malware with Zimperium’s z9

Zimperium’s core machine learning engine, z9, has a proven track record of detecting zero-day exploits. We recently announced an extension of the framework that detects previously unknown mobile malware. This extension is known as “z9 for Mobile Malware”, and was officially announced in September 2017. Internally, the code name has […]

Read more

Fake Snapchat in Google Play Store

Zimperium discovered and reported a fake version of the popular Snapchat app in the official Google Play Store; At the time of our discovery, it was the second result when searching for “Snapchat”. The fake version of Snapchat app is using “Snap Inc .” as Company Name, with a  ” […]

Read more

Zero Packet Inspection

Introduction In this blogpost I describe the history of z9, our detection engine. I will show its performance over reference data sets commonly used in the machine learning community. I’ll then describe how we apply it to detect networks attacks without any type of packet inspection. Eventually, we encourage you to participate by helping […]

Read more

Threat Research: FalseGuide

This Threat Research is about the recently (re)discovered “FalseGuide” threat found in Google Play. FalseGuide is a form of malware that has been hidden in more than 40 game guide apps in Google Play since February 2017. According to reports, approximately 600,000 devices may have been infected before the known […]

Read more

NDAY-2017-0102: Elevation of Privilege Vulnerability in NVIDIA Video Driver

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) Following our announcement on the N-Days Exploit Acquisition Program for smartphones, we are delighted to share the first couple of submissions. We received many submissions and we’re in the process of sharing them with ZHA followed by a public disclosure. […]

Read more

NDAY-2017-0105: Elevation of Privilege Vulnerability in MSM Thermal Driver

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) Following our announcement on the N-Days Exploit Acquisition Program for smartphones, we are delighted to share the first couple of submissions. We received many submissions and we’re in the process of sharing them with ZHA followed by a public disclosure. […]

Read more

Zimperium users are safe from Gooligan

Zimperium users are safe from Gooligan. A new threat, called Gooligan, which is a family of Android-based malware, has compromised more than 1M Google accounts — and many of those are enterprise users. “Not surprisingly, a malware, spread in unofficial markets, can create real damage,” said Zimperium founder and CTO, Zuk […]

Read more

Will the Real Hummer Trojan Please Stand Up?

Several researchers have reported on the discovery of Hummer Trojan, as one calls it, or HummingBad as another calls it. Another said it was also known as Shedun. Zimperium’s customers are safe from this recently discussed threat even before these threats were published. The attack was detected through our z9 […]

Read more

Pokémon Go: the Security Cost of Catching ’em All

For the past two weeks, full-grown adults, college students and children have all been roaming around the country in search of Pokémon (gotta catch ’em all, right?). This augmented reality mobile phenomenon has removed people from their home and encouraged them to explore their neighborhoods, but catching them all has […]

Read more

Get started with Zimperium today