Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:


  • Recent Posts

  • Calendar

    March 2015
    S M T W T F S
    « Feb    
    1234567
    891011121314
    15161718192021
    22232425262728
    293031  
  • Email Subscription

  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Mobile’ Category




    With the finalization of HTML5 standard by World Wide Web Consortium (W3C) last October, there will be a rapid growth of new HTML5 web apps coming out in the near future. Considering the platform independent characteristic in web apps, we foresee that HTML5 will accelerate the repackaging from web apps to mobile apps for malicious intent. A Quick Overview of HTML5 Android Apps According to our monitoring, the amount of new HTML5-packaged apps coming to the Android platform increased by 200% in ...

    Posted in Malware, Mobile | Comments Off



    A few months back, we discussed the Android Same Origin Policy (SOP) vulnerability, which we later found to have a wider reach than first thought. Now, under the collaboration of Trend Micro and Facebook, attacks are found which actively attempt to exploit this particular vulnerability, whose code we believe was based in publicly available Metasploit code. This attack targets Facebook users via a link in a particular Facebook page that leads to a malicious site. This page contains obfuscated JavaScript code (see in Figure 1 below), which includes ...




    We often talk about the security risks when dealing with third-party app stores. Previous research has shown that third-party app stores are often a hotbed of malware, specifically, malicious versions of popular apps. Aside from malicious apps, we are now seeing a marked increase of “downloader apps” in these stores, whose primary function is to download other apps that may lead to security risks for mobile users. Downloader Apps Seen in a Third-Party App Store in China Our engineers decided to look at ...

    Posted in Malware, Mobile | Comments Off



    We have discovered a vulnerability in Android that affects how cross-signed certificates are handled. No current Android release correctly handles these certificates, which are created when two certificates are signed with a looped certificate chain (certificate A signs certificate B; certificate B signs certificate A). We've already notified Google about this vulnerability, and there is no fix and no timeframe for a fix from them. When a specially-constructed malformed certificate is introduced into an Android device (either by a new app being installed ...




    It's that time of year again - the last quarter of the year is a time for many of us to buy a new smartphone, as we look at the new devices launched relatively recently by Apple, Samsung, and all the other phone providers and decide which one we shall use for the duration of our next smartphone contract. I'm sure that many of us will take home brand new iPhones and Android devices and set it up just the way ...

    Posted in CTO Insights, Mobile | Comments Off


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice