The discovery of the first Stagefright vulnerability last July is turning out to be just the beginning of many security concerns for Android users. The latest Nexus security bulletin released earlier this month includes updates for 15 remote code execution vulnerabilities related to libstagefright, all tagged as critical. We discovered four of the mentioned vulnerabilities…Read More
Android malware creators have recently been mixing business with play. We found two malicious gaming apps that were published on Google Play and are capable of rooting Android devices. If the apps Brain Test and RetroTetris ring a bell, better check your devices.
RetroTetris can be installed in Android versions starting from 2.3 Gingrebread while Brain Test can be installed in versions starting from 2.2 Froyo. Brain Test has been removed from Google Play since September 24. Meanwhile, we have informed the Google Play security team about the RetroTetris app and are awaiting their response.Read More
Mobile banking is now used by more and more users, so it shouldn’t be a surprise to see banking Trojans trying to hit these users as well. We’ve seen spammed mails that pretend to be an update notification for an official PayPal app. These mails ask the user to click on a link to download the update; users in Germany appear to be the target of this spam run based on the language used.
As is the case with all spam campaigns, multiple IP addresses from different countries spammed this particular mail at its intended German targets. 41% of these senders were in Vietnam, with other countries such as Ukraine, Russia, Brazil and India accounting for the remainder. Some variants of this message were sent more than 14,000 times.Read More
By Yang Yang, Jordan Pan Halloween is still a month from now and yet Android users are already being haunted by the previously reported “Ghost Push” malware, which roots devices and makes them download unwanted ads and apps. The malware is usually packaged with apps that users may download from third-party app stores. Further investigation of Ghost…Read More
The iOS app store has traditionally been viewed as a safe source of apps, thanks to Apple’s policing of its walled garden. However, that is no longer completely the case, thanks to the discovery of multiple legitimate apps in the iOS app store that contained malicious code, which was dubbed XcodeGhost. So, how did XcodeGhost…Read More