by
Axelle Apvrille
| October 19, 2012
| Category: Security Research
Axelle Apvrille
| October 19, 2012
| Category: Security Research
In a previous post, I mentioned the new scheme used by the author of Android/Fakemart to make money.
Basically, the trick consisted in infecting phones to silently and automatically register to play an online quizz and then st...
Read More >>
by
Axelle Apvrille
| September 21, 2012
| Category: Security Research
Axelle Apvrille
| September 21, 2012
| Category: Security Research
Another Android malware is currently in the wild in France, as we have recently discovered.
This malware poses as a Flash Player installer and steals your incoming SMS messages by forwarding them to a remote server. We have na...
by
Ruchna Nigam
| September 18, 2012
| Category: Security Research
Ruchna Nigam
| September 18, 2012
| Category: Security Research
While going through our regular (and never-ending) supply of malicious Android samples, we came across an interesting variant a couple of days back. Like most Android Trojans these days, the piece of malware benefits by sending...
by
Axelle Apvrille
| September 03, 2012
| Category: Security Research
Axelle Apvrille
| September 03, 2012
| Category: Security Research
Recently, a new trojan named Android/Fakemartcaught our attention as it is operating in France, where our EMEA labs are located.
The malware poses as a Winamp Pro application or a Black Market application (Black Market is an a...
by
Axelle Apvrille
| June 21, 2012
| Category: Security Research
Axelle Apvrille
| June 21, 2012
| Category: Security Research
A new sample of Zitmo is out, pretending to be an Android Security Suite. Like others in Zitmo, the malware is a SMS spy: it forwards incoming SMS message to a remote server. This particular sample responds to a few basic SMS c...
by
Axelle Apvrille
| June 06, 2012
| Category: Security Research
Axelle Apvrille
| June 06, 2012
| Category: Security Research
Denis Maslennikov reported a new SMS trojan, Android/Mania, which emanates from France. This malware hasn’t any outstanding functionality - it silently sends SMS messages to a short number, something we only see too often...
by
Axelle Apvrille
| April 20, 2012
| Category: Security Research
Axelle Apvrille
| April 20, 2012
| Category: Security Research
Mobile botnet Android/RootSmart (aka Bmaster) is making substantial amount of money from premium SMS numbers or services, according to Cathal Mullaney’s discovery of a mobile botnet front-end: yes, we had told you so.
...
by
Axelle Apvrille
| December 15, 2011
| Category: Security Research
Axelle Apvrille
| December 15, 2011
| Category: Security Research
It doesn’t happen that often altogether that mobile malware specifically come from France and propagate in France. It however seems to be the case this time for an Android malware named Foncy - not that there should be an...
by
Axelle Apvrille
| July 04, 2011
| Category: Security Research
Axelle Apvrille
| July 04, 2011
| Category: Security Research
Mark Balanza has spotted a new Android malware, Android/CruseWin.A!tr, which acts as an SMS relay.
The malicious application is in contact with a remote C&C from which it gets an XML configuration file which contains the c...
by
Axelle Apvrille
| May 17, 2011
| Category: Security Research
Axelle Apvrille
| May 17, 2011
| Category: Security Research
Some time ago, I bumped into a few Android applications which use Airpush. Airpush is an advertisement SDK developers can add to their application to generate some revenue: for every thousand ads displayed via their applicati...
by
Axelle Apvrille
| January 12, 2011
| Category: Security Research
Axelle Apvrille
| January 12, 2011
| Category: Security Research
Our analyst, Ruchna Nigam, had been analyzing a sample of SymbOS/InSpirit.A!tr.
SMS dropped in the victim’s inbox by SymbOS/InSpirit.A!tr
A couple of months ago, this malware received some attention in China (for examp...
by
Axelle Apvrille
| September 27, 2010
| Category: Security Research
Axelle Apvrille
| September 27, 2010
| Category: Security Research
During the weekend, in our monitoring of the Zeus botnet, my colleague Kyle Yang stumbled upon an unexpected payload: a brand new mobile malware piece we named SymbOS/Zitmo.A!tr (Zitmo standing for “Zeus In The MObileR...
by
Axelle Apvrille
| August 03, 2010
| Category: Security Research
Axelle Apvrille
| August 03, 2010
| Category: Security Research
I had already seen mobile malware SMS messages with a malicious URL inside (e.g SymbOS/Yxes), or MMS messages (e.g SymbOS/Album.A!tr, SymbOS/Beselo!worm…) with a malicious attachment. However I had never noticed a mobile ...
by
Axelle Apvrille
| July 08, 2010
| Category: Security Research
Axelle Apvrille
| July 08, 2010
| Category: Security Research
Lately, I have been analyzing a sample of SymbOS/Album.A!tr, another advanced malware targeting mobile phones running Symbian OS 9 and greater.
First of all, once more, like SymbOS/Yxes, this malware was “legitimately...
by
Axelle Apvrille
| June 07, 2010
| Category: Security Research
Axelle Apvrille
| June 07, 2010
| Category: Security Research
Want to impress friends with eccentric ways to send SMS messages? This article is for you. As a matter of fact - and closer to the official goal - this article can also help analysts spot unexpected SMS sending in malware.
SMS...
Twitter
Facebook
LinkedIn
Youtube