Analysis & Post By: Alex Calleja (@alximw) Matteo Favaro (@fvrmatteo) Introduction Since the beginning of 2018, researchers in Zimperium’s zLabs have been tracking a rise in the frequency and sophistication of applications that have been loaded outside of the official Google Play Store. Many of these have leveraged social engineering techniques such as duplicate Play Stores. … Read More
This week at BSides Las Vegas, zLabs’ security researcher, Tamir Zahavi-Brunner (@tamir_zb) is conducting a session titled “Treble or Trouble: Where Android’s latest security enhancements help, and where they fail.” Tamir’s work is another example of why zLabs is recognized as the world’s most qualified and talented collection of researchers focused 100% exclusively on mobile Here is the abstract for Tamir’s … Read More
On June 28th, a group of eight academics across three different universities released a research paper outlining a new Android vulnerability called “RAMpage”. It’s a variation of previous attacks that use the Rowhammer hardware vulnerability to run malicious code by changing what’s stored in a device’s memory (RAM) and has the potential of data loss … Read More
RedDrop is another in the long line of Android spyware apps. The malware has captured attention because of its ability to turn on microphones and exfiltrate sensitive data, but unfortunately that doesn’t make it unique. While there appears to be an elaborate network behind it, RedDrop is simply another Android spyware variant that utilizes well-known … Read More
Follow @fvrmatteo On February 26, 2018, we received a notification from the detection system about a malicious sample with a suspicious package and Play Store name. We quickly verified the automatic analysis and confirmed the sample was actively trying to scam users to download it instead of the original BBC News mobile app. Fake … Read More
