• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Author / Veo Zhang (Mobile Threats Analyst)

Veo Zhang

Mobile Threats Analyst

‘GODLESS’ Mobile Malware Uses Multiple Exploits to Root Devices
  • Posted on:June 21, 2016
  • Posted in:Malware, Mobile
  • Posted by:
    Veo Zhang (Mobile Threats Analyst)
0
Mobile04

We came across a family of mobile malware called Godless (detected as ANDROIDOS_GODLESS.HRX) that has a set of rooting exploits in its pockets. By having multiple exploits to use, Godless can target virtually any Android device running on Android 5.1 (Lollipop) or earlier. As of this writing, almost 90% of Android devices run on affected versions. Based on the data gathered from our Trend Micro Mobile App Reputation Service, malicious apps related to this threat can be found in prominent app stores, including Google Play, and has affected over 850,000 devices worldwide.

Read More
Tags: Rooting Malware

Kernel Waiter Exploit from the Hacking Team Leak Still Being Used
  • Posted on:May 19, 2016
  • Posted in:Mobile, Vulnerabilities
  • Posted by:
    Veo Zhang (Mobile Threats Analyst)
0
Mobile04

Although the Hacking Team leak took place several months ago, the impact of this data breach—where exploit codes were made public and spurred a chain of attacks—can still be felt until today. We recently spotted malicious Android apps that appear to use an exploit found in the Hacking Team data dumps. The apps, found in certain websites, could allow remote attackers to gain root privilege when successfully exploited. Mobile devices running on Android version 4.4 (KitKat) and below, which account for nearly 57% of total Android devices, are susceptible to attacks that may abuse this flaw.

Read More
Tags: Hacking Teammalicious appsTowelRoot

Critical ‘CVE-2015-1805’ Vulnerability Allows Permanent Rooting of Most Android Phones
  • Posted on:March 29, 2016
  • Posted in:Mobile, Vulnerabilities
  • Posted by:
    Veo Zhang (Mobile Threats Analyst)
0

On March 18, Google published a security advisory for a critical vulnerability CVE-2015-1805 that applied to rooting apps. This bug allows malicious apps to gain “root” access to all Android phones below kernel version 3.18. This can greatly affect devices that no longer receive patches, or those with long rollout time. Initially, this flaw has been tagged as ‘medium’ in terms of severity. However, a zero-day exploit was found out that showed the vulnerability could still be exploited successfully, compromising the security of the device. As such, the level of severity was changed to ‘critical.’

Read More

High-Profile Mobile Apps At Risk Due to Three-Year-Old Vulnerability
  • Posted on:December 3, 2015
  • Posted in:Mobile, Vulnerabilities
  • Posted by:
    Veo Zhang (Mobile Threats Analyst)
3

A total of 6.1 million devices – smart phones, routers, smart TVs – are currently at risk to remote code execution attacks due to vulnerabilities that have been fixed since 2012.

The vulnerability exists in the Portable SDK for UPnP™ Devices, also called libupnp. This particular library is used to implement media playback (DLNA) or NAT traversal (UPnP IGD). Apps on a smartphone can use these features to play media files or connect to other devices within a user’s home network.

Read More
Tags: androidgoogle playlibupnpNetflixTencent QQMusicvulnerability

Pornographic-themed Malware Hits Android Users in China, Taiwan, Japan
  • Posted on:October 26, 2015
  • Posted in:Malware, Mobile
  • Posted by:
    Veo Zhang (Mobile Threats Analyst)
1

Sex sells, and nowhere is that more true than the Chinese mobile landscape. Porn-themed malware has been hitting Android users in China, Japan, and Taiwan in recent weeks.

These malicious apps are distributed via SEO-optimized fake websites, with keywords targeting hot scandals and affairs used. These sites pretend to be porn video websites, and all lead to various malicious apps being downloaded.

Read More
Tags: androidMalwarepornography
Page 1 of 412 › »

Business Email Compromise

  • How can a sophisticated email scam cause more than $2.3 billion in damages to businesses around the world?
    See the numbers behind BEC

Deep Web

  • Trend Micro researchers have been taking deep dives into cybercriminal territory for years now. Find out more about the inner workings of the Deep Web and underground markets.

Latest Ransomware Posts

  • From RAR to JavaScript: Ransomware Figures in the Fluctuations of Email Attachments
  • A Show of (Brute) Force: Crysis Ransomware Found Targeting Australian and New Zealand Businesses
  • BkSoD by Ransomware: HDDCryptor Uses Commercial Tools to Encrypt Network Shares and Lock HDDs
  • Picture Perfect: CryLocker Ransomware Uploads User Information as PNG Files
  • Network Solutions to Ransomware – Stopping and Containing Its Spread

Ransomware 101

  • This infographic shows how ransomware has evolved, how big the problem has become, and ways to avoid being a ransomware victim.
    Check the infographic

Popular Posts

  • Pokémon-themed Umbreon Linux Rootkit Hits x86, ARM Systems
  • New Version of Cerber Ransomware Distributed via Malvertising
  • Locky Ransomware Now Downloaded as Encrypted DLLs
  • Cybercriminals Improve Android Malware Stealth Routines with OBAD
  • CVE-2016-6662 Advisory: Recent MySQL Code Execution/Privilege Escalation Zero-Day Vulnerability

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.