android malware


New variants of Android banking malware target even more German banks, popular social media apps, and more

Summary: In my previous blog I provided a detailed analysis of a new Android banking malware that spoofed the mobile applications of several large German banks to trick users into revealing their banking credentials. This week I found several new variants of this growing malware, and in this update I am sharing these new findings. Install the malware: One of these variants masquerades as another German mobile banking app. Once installed,...
by Kai Lu | Nov 18, 2016 | Filed in: Security Research
Malware has been known to use new and innovative ways to evade detection by Antivirus software, a phenomenon AV analysts have often seen with PC malware. Not a lot of examples of the same have been seen employed by mobile malware. A recently discovered Android malware has brought to light one such Antivirus evasion technique with its use of "a legitimate firewall to thwart security software". The legitimate firewall referred to is iptables which is a well-known "administration tool for IPv4 packet filtering and NAT" on...
by Ruchna Nigam | Jan 21, 2016 | Filed in: Security Research
Mobile banking is a convenient way for users to complete transactions anywhere and anytime. KPMG predicts that the mobile banking user base will grow to 1.8 billion by 2019. And, when money is involved, the bad guys always find creative ways to steal it. Now they are increasingly doing so on the Android platform in the same way they did for online banking on PCs. In the beginning of December, the Association of Banks in Singapore (ABS) released an advisory on mobile banking malware infecting Android smartphones and the substantial...
by Floser Bacurio | Dec 09, 2015 | Filed in: Security Research
Until relatively recently, mobile malware wasn't that different from early PC malware - It was annoying, it probably invaded your privacy, and it took a toll on system resources but it wasn't especially dangerous or costly in the way that modern weaponized malware used to attack PCs, servers, and point-of-sale systems was. And just as early malware primarily targeted a single OS (Windows), mobile malware remains almost exclusively a problem for Android. However, it appears that Stagefright has served as something of a wakeup call for the...
by Chris Dawson | Aug 12, 2015 | Filed in: Industry Trends & News
A recent news article described email as the undying "cockroach of the Internet". To validate this statement, seeing some of the Android malware samples I've analyzed recently, malware authors might share that sentiment. In 2013, we saw the first Android botnet variant that used email as a means to 'call home'. However, over the past few months there has been a surge in the number of samples discovered that follow suit (thanks to Crypto Girl for the observation). The table below lists all such variants we've seen so far : Variant Name Date...
by Ruchna Nigam | Sep 15, 2014 | Filed in: Security Research
Insomni'hack 2013 took place last week at Geneva and I had the opportunity to attend. Insomni'hack DAY 1 consisted of one day workshops on subjects ranging from "Linux exploitation" to "How to make sure your Pentest Report is never empty". I had the chance to attend a workshop on "Practical ARM exploitation" given by black Steve (@s7ephen) and white Steve (Stephen Lawler). We initially had trouble getting the Gumstix we were supposed to work on running due to the difference in voltage levels between the US and Europe (it's about time the world...
by Ruchna Nigam | Mar 25, 2013 | Filed in: Security Research