Posts in "Threat Research"

Will the Real Hummer Trojan Please Stand Up?

Several researchers have reported on the discovery of Hummer Trojan, as one calls it, or HummingBad as another calls it. Another said it was also known as Shedun. Zimperium’s customers are safe from this recently discussed threat even before these threats were published. The attack was detected through our z9 machine learning engine without requiring … Read More

Stagefright: One Year Later

It’s been exactly one year since Joshua J. Drake, our zLabs VP of Platform Research and Exploitation, disclosed Stagefright — one of the worst Android vulnerabilities to date. Stagefright impacted nearly 1 billion Android devices total, and up to 850 million devices remain vulnerable as of March 2016. Stagefright gives attackers, armed with only a … Read More

Zimperium Applauds Google’s Rapid Response to Unpatched Kernel Exploit

On March 15th, Zimperium’s zIPS Mobile Threat Protection solution identified a zero-day mobile attack and its zLabs research team immediately reported the exploit to the Android Security Team. The reported attack is delivered via a publicly-available rooting application, KingRoot, using an unpatched local elevation of privilege vulnerability in the kernel reported as CVE-2015-1805. Affected devices are … Read More

Reflecting on Stagefright Patches

42.84% of Android devices tested are vulnerable to CVE-2015-3864. Although Google issued an update to the Hangout app that disabled automatic processing of media files, we know that CVE-2015-3864 can be exploited remotely and reliably via the browser. The number of Android devices is estimated to be between 1.4 and 2 billion. Scaling our statistics … Read More

Triada Gets Tripped by Zimperium’s z9 Engine

Triada, a modular, stealthy and persistent Trojan targeting Android devices, was recently seen in the wild and reported on March 3, 2016. It, like so many others that we see daily, actively uses root privileges and operates silently to take over a device. Triada is primarily propagated through malicious applications that users download/install from untrusted … Read More