Spyware disguised itself as legitimate Android applications to steal information from users. Some malicious apps were already downloaded over 100,000 times by users from all over the world.
Read More Analyzed 15 malicious wallpaper apps we found on Google Play Store running click ad fraud schemes. The apps recorded over 200,000 downloads worldwide — our telemetry shows infection to be the highest in some countries in Europe, the US, and Asia — before they were removed.
Read More Several apps on Google Play posing as legitimate voice messenger platforms have automated functions such as fake survey pop-ups and fraudulent ad clicks. Observed variants were deployed one by one since October, with its evolution including evasive techniques and its infection behavior divided into several stages, as well as botnet codes possibly indicative of future attacks.
Read More
We uncovered an operation of a hacking group, which we’re naming “Outlaw” (translation derived from the Romanian word haiduc, the hacking tool the group primarily uses), involving the use of an IRC bot built with the help of Perl Shellbot. The group distributes the bot by exploiting a common command injection vulnerability on internet of things (IoT) devices and Linux servers. Further research indicates that the threat can also affect Windows-based environments and even Android devices.
Read More
Recently, we found a new exploit using port 5555 after detecting two suspicious spikes in activity on July 9-10 and July 15. In this scenario, the activity involves the command line utility called Android Debug Bridge (ADB), a part of the Android SDK that handles communication between devices that also allows developers to run and debug apps on Android devices.
Read More