Collaborate Disseminate
At the beginning of October 2017, we discovered new Android spyware with several features previously unseen in the wild. In the course of further research, we found a number of related samples that point to a long-term development process. We believe the initial versions of this malware were created at least three years ago. Continue reading Skygofree: Following in the footsteps of HackingTeam
Among this array of threats we found a rather interesting sample – Trojan.AndroidOS.Loapi. This Trojan boasts a complicated modular architecture that means it can conduct a variety of malicious activities: mine cryptocurrencies, annoy users with constant ads, launch DDoS attacks from the affected device and much more. Continue reading Jack of all trades
Recently, in our never-ending quest to protect the world from malware, we found a misbehaving Android trojan. Although malware targeting the Android OS stopped being a novelty quite some time ago, this trojan is quite unique. Instead of attacking a user, it attacks the Wi-Fi network the user is connected to, or, to be precise, the wireless router that serves the network. Continue reading Switcher: Android joins the ‘attack-the-router’ club
In fact, any site using AdSense to display adverts could potentially have displayed messages that downloaded the dangerous Svpeng and automatically saved it to the device’s SD card. We intercepted traffic coming from the attacked device when this sort of “advert” was displayed, and figured out how the malicious program was downloaded and automatically saved. Continue reading Disassembling a Mobile Trojan Attack
It is far from easy for the app to get into Google Play. Some malware writers give up their efforts to push their malicious creations past security checks, and instead learned how to use the store’s client app in their dark business. Continue reading How Trojans manipulate Google Play
Applications that gain root access to a mobile device without the user’s knowledge can provide access to much more advanced and dangerous malware, in particular, to Triada, the most sophisticated mobile Trojans we know. Continue reading Attack on Zygote: a new twist in the evolution of mobile threats