Category Archives: Mobile

Fake Apps Take Advantage of Super Mario Run Release

Por | Decembro 20, 2016

Earlier this year, we talked about how cybercriminals took advantage of the popularity of Pokemon Go to launch their own malicious apps. As 2016 comes to a close, we observe the same thing happening to another of Nintendo’s game properties: Super Mario. The Super Mario franchise has been a key part of Nintendo’s video game business, with multiple title… Ler Máis »

Fake Apps Take Advantage of Mario Run Release

Por | Decembro 20, 2016

Earlier this year, we talked about how cybercriminals took advantage of the popularity of Pokemon Go to launch their own malicious apps. As 2016 comes to a close, we observe the same thing happening to another of Nintendo’s game properties: Super Mario. The Super Mario franchise has been a key part of Nintendo’s video game business, with multiple title… Ler Máis »

New Flavor of Dirty COW Attack Discovered, Patched

Por | Decembro 7, 2016

Dirty COW (designated as CVE-2016-5195) is a Linux vulnerability that was first disclosed to the public in October 2016. It was a serious privilege escalation flaw that allowed an attacker to gain root access on the targeted system. It was described as an “ancient bugby Linus Torvalds and was quickly patched once it was disclosed,... Ler Máis »

New SmsSecurity Variant Roots Phones, Abuses Accessibility Features and TeamViewer

Por | Decembro 1, 2016

By Jason Gu (Mobile Threat Response Engineer) In January of 2016, we found various “SmsSecuritymobile apps that claimed to be from various banks. These apps supposedly generated one-time passwords (OTPs) that account holders could use to log into the bank; instead they turned out to be malicious apps that stole any password sent via SMS messages.… Ler Máis »

Security Update Patches 13 Android Vulnerabilities Discovered by Trend Micro

Por | Novembro 1, 2016

by Seven Shen, Ecular Xu and Wish Wu Mobile threats are trending upward, with vulnerability exploits gaining traction. The silver lining? More of these vulnerabilities are also disclosed, analyzed and detected. This helps better mitigate Android devices from zero-days and malware, enabling OEMs/vendors to more proactively respond to these threats. This is echoed by our… Ler Máis »

Masque Attack Abuses iOS’s Code Signing to Spoof Apps and Bypass Privacy Protection

Por | Outubro 31, 2016

First reported in 2014, Masque Attack allowed hackers to replace a genuine app from the App Store with a malformed, enterprise-signed app that had the same Bundle Identifier (Bundle ID). Apple subsequently patched the vulnerabilities (CVE-2015-3772 and CVE-2015-3725), but while it closed a door, scammers seemed to have opened a window. Haima’s repackaged, adware-laden apps… Ler Máis »

DressCode and its Potential Impact for Enterprises

Por | Setembro 30, 2016

Threats to mobile users have grown quickly in the span of only a few months. Trend Micro’s Mobile App Reputation Service (MARS) has counted 16.6 million malware detections as of August 2016, un 40% leap from detections listed in January. The Android platform continues to be particularly susceptible, with one specific malware family called “DressCode” steadily… Ler Máis »