detection


In our everyday lives we all seem to be continually looking for knowledge or information to help improve a situation, or at least to make sure we don’t end up in a bad one. Take traffic, for example. If we live or work in a crowded city with lots of traffic, we are always trying to understand where the traffic jams and accidents are, and to discover the best routes before we drive home from work, so we can avoid getting stuck in traffic. This behavior seems second nature to us. Most of the time, we do it without...
by Anthony Giandomenico  |  Aug 23, 2016  |  Filed in: Industry Trends
A few months ago, we reported that Alligator helped us detect an unknown GPS-leaking adware that no vendor had yet spotted: Adware/Geyser!Android. The number has now increased with the discovery of Riskware/Zdchical!Android and Riskware/SmsCred!Android. The former leaks the IMEI and IMSI to a remote server; the latter leaks login/password credentials in cleartext. While those samples are not of the most malignant form - they pose security threats but not with a clear malicious intent - we are happy to improve our surveillance techniques on Android marketplaces...
by Axelle Apvrille  |  Nov 14, 2013  |  Filed in: Security Research
Over the last few months, we have been using and tuning a data mining engine developed by researchers at Telecom ParisTech. The tool is named Alligator, mostly because we believe alligators are hungry animals :) (and a little because the name stands for "AnaLyzing maLware wIth partitioninG and probAbiliTy-based algORithms"). Integrated into our own crawling, property extraction and reporting architecture, the engine helps us spot suspicious packages among the huge load of Android applications. Recently, as we were tuning our framework, Alligator reported a...
by Axelle Apvrille  |  Aug 02, 2013  |  Filed in: Security Research