Mobile threats are trending upward, with vulnerability exploits gaining traction. The silver lining? More of these vulnerabilities are also disclosed, analyzed and detected. This helps better mitigate Android devices from zero-days and malware, enabling OEMs/vendors to more proactively respond to these threats. This is echoed by our continuous initiatives on Android vulnerability research: from June to August 2016, for instance, we’ve discovered and disclosed 13 vulnerabilities to Google. Their real-world impact ranges from battery drainage and unauthorized capture of photos, videos, and audio recordings, to system data leakage and remote control. This is on top of 16 other security flaws we’ve uncovered that were cited in Android/Google’s security bulletins from January to September this year.Read More
In a recent blog post, we talked about the Haima app store on iOS. Here, we found that official apps were repacked and advertising modules added to generate revenue for the owners.
One reason for this store’s popularity is its relative ease of use, thanks to the “Haima iOS Helper”. This app is meant to complement the rest of the store by making it easier to install apps and manage the user’s device. This can be considered analogous to the roles that iTunes performs for most iOS users.Read More
Threats to mobile users have grown quickly in the span of only a few months. Trend Micro’s Mobile App Reputation Service (MARS) has counted 16.6 million malware detections as of August 2016, a 40% leap from detections listed in January. The Android platform continues to be particularly susceptible, with one specific malware family called “DressCode” steadily and stealthily spreading since April before reports about it surfaced in August. This malware gives attackers an avenue into internal networks which compromised devices are connected to—a notable risk if the device is used to connect to company networks.Read More