Collaborate Disseminate
This report summarizes a series of Kaspersky Lab reports that between them provide an overview of how the financial threat landscape has evolved over the years. It covers the common phishing threats, along with Windows-based and Android-based financial malware. Continue reading Financial Cyberthreats in 2017
At the beginning of October 2017, we discovered new Android spyware with several features previously unseen in the wild. In the course of further research, we found a number of related samples that point to a long-term development process. We believe the initial versions of this malware were created at least three years ago. Continue reading Skygofree: Following in the footsteps of HackingTeam
Among this array of threats we found a rather interesting sample – Trojan.AndroidOS.Loapi. This Trojan boasts a complicated modular architecture that means it can conduct a variety of malicious activities: mine cryptocurrencies, annoy users with constant ads, launch DDoS attacks from the affected device and much more. Continue reading Jack of all trades
Two years ago we published a blogpost about a popular malware that was being distributed from the Google Play Store. In October and November 2017 we found 85 new malicious apps on Google Play that are stealing credentials for VK.com Continue reading Still Stealing
There’s certainly no shortage of commercial spying apps for Android, with most positioned as parental control tools. In reality, however, these apps barely differ from spyware, with the exception perhaps of the installation method. Continue reading Android commercial spyware
Researchers find six previously unknown memory corruption and unlock-bypass vulnerabilities in major chipset vendors’ firmware code. Continue reading Multiple Vulnerabilities Found in NVIDIA, Qualcomm, Huawei Bootloaders
The Trojan-Banker.AndroidOS.Faketoken malware has been known about for already more than a year. Throughout the time of its existence, it has worked its way up from a primitive Trojan intercepting mTAN codes to an encrypter. Not so long ago, thanks to our colleagues from a large Russian bank, we detected a new Trojan sample, Faketoken.q, which contained a number of curious features. Continue reading Booking a Taxi for Faketoken
In mid-July 2017, we found a new modification of the well-known mobile banking malware family Svpeng – Trojan-Banker.AndroidOS.Svpeng.ae. In this modification, the cybercriminals have added new functionality: it now also works as a keylogger, stealing entered text through the use of accessibility services. Continue reading A new era in mobile banking Trojans
How often do you click the ‘back’ or the ‘Home’ button on your mobile device to exit an application immediately?
I believe, several times in a single day because a large number of apps do not have an exit button to directly force-close them instead of going back and back and back until they exit.
Sometimes Android users expect the back button to take them back to the back page, but sometimes
Continue reading Google Silently Adds ‘Panic Detection Mode” to Android 7.1 – How It’s Useful
I’ve been monitoring Google Play Store for new Ztorg Trojans since September 2016, and have so far found several dozen new malicious apps. All of them were rooting malware that used exploits to gain root rights on the infected device. In May 2017, a new Ztorg variant appeared on the Google Play Store – only this this time it wasn’t a rooting malware but a Trojan-SMS. Continue reading Ztorg: from rooting to SMS