Company > Blog

News and views from the leading voice in secure digital transformation

More From This Author

Profile picture for user Viral Gandhi

Viral Gandhi

Attackers Target Indian Banking Customers Via SMS and Fake Apps
Security Insights
6 Min read

SMS scams trick Indian banking customers into installing malicious apps

Zscaler ThreatLabz researchers recently observed the rise of a sophisticated phishing campaign spreading via fake banking sites targeting big Indian banks like HDFC, AXIS, and SBI. The team will continue monitoring the e...
Mobile Malware
Security Insights
4 Min read

Rise of Banking Trojan Dropper in Google Play

The Zscaler ThreatLabz team has recently discovered the Xenomorph banking trojan embedded in a Lifestyle app in the Google Play store. The app is “Todo: Day manager,” and has over 1,000 downloads. This is the latest in a...
/blogs/security-research/joker-playing-hide-and-seek-google-play
Security Insights
11 Min read

Joker, Facestealer and Coper banking malwares on Google Play store

Google Play Store is typically considered to be one of the safest sources for users to find and install android apps. However, threat actors continue to evolve their tactics and are able to successfully upload dangerous ...
Bitcoin/Ethereum Scam
Security Insights
2 Min read

Scammer luring Apple enthusiasts on launch event

We often see scammers luring victims by taking advantage of hype related to events or game launches. We observed a similar tactic during the iPhone 13 launch event. Due to the COVID-19 pandemic, this was an online launch...
Joker Joking in Google Play
Security Insights
8 Min read

Joker Joking in Google Play

Joker is one of the most prominent malware families targeting Android devices. Despite public awareness of this particular malware, it keeps finding its way into Google’s official application market by employing changes ...
office buildings
Zero Trust Architecture
3 Min read

IoT in the Enterprise Report: Empty Office Edition

It happened overnight for many enterprises. Bustling offices turned into desolate spaces--abandoning plants to die, snacks to go stale, and calendars to remain frozen in time. And like out of a movie, amidst the eerie qu...
Android Malware
Security Insights
7 Min read

Joker Playing Hide-and-Seek with Google Play

Joker is one of the most prominent malware families that continually targets Android devices. Despite awareness of this particular malware, it keeps finding its way into Google’s official application market by employing ...
Scamming and Smishing while Shopping
Security Insights
9 Min read

Scamming and Smishing while Shopping

A few weeks ago, the witches and skeletons that decorated shop windows for Halloween were swept aside and replaced with reindeer and jolly elves. Fir trees supplanted the pumpkins and “Jingle Bells” began drifting from s...
A sneak peek into recent IoT attacks
Security Insights
8 Min read

A sneak peek into recent IoT attacks

Since the Mirai botnet source code was leaked in 2016, it was inevitable that we’d see its variants being put to use in IoT threat campaigns. Apart from using brute-force techniques to attack IoT devices through various ...
Fake Fortnite Apps Scamming and Spying on Android Gamers
Security Insights
10 Min read

Fake Fortnite Apps Scamming and Spying on Android Gamers

Fortnite is a co-op sandbox survival game developed by Epic Games and People Can Fly and published by Epic Games. The game was released for Microsoft Windows, macOS, PlayStation 4, and Xbox One on July 25, 2017. Fortn...
Mobile App Wall Of Shame: SMS touch
Security Insights
4 Min read

Mobile App Wall Of Shame: SMS touch

App : SMS touch Price : $1.99 Category : Utility Platform : iOS Updated : Jul 06, 2015 Version : 4.5 Size : 16 MB Languages: English, Dutch, French, German, Italian, Spanish S...
New Android Marcher Variant Posing as Adobe Flash Player Update
Security Insights
4 Min read

New Android Marcher Variant Posing as Adobe Flash Player Update

Introduction Marcher is sophisticated banking malware that steals users’ financial information, such as online banking credentials and credit card details. We have observed Marcher evolving over time, using new tricks...
Super Mario Run Malware #2 – DroidJack RAT
Security Insights
2 Min read

Super Mario Run Malware #2 – DroidJack RAT

A few days back, we wrote about an Android Marcher trojan variant posing as the Super Mario Run game for Android. We have found another instance of malware posing as the Super Mario Run Android app, and this time it has ...
Android Marcher now posing as Super Mario Run
Security Insights
4 Min read

Android Marcher now posing as Super Mario Run

Nintendo recently released Super Mario Run for the iOS platform. In no time, the game became a sensational hit on the iTunes store. However, there is not yet an Android version and there has been no official news on such...
Are mobile apps a leaky tap in the enterprise?
Security Insights
5 Min read

Are mobile apps a leaky tap in the enterprise?

In almost every enterprise, mobile and cloud represent a large and growing proportion of overall traffic. While they offer many advantages in productivity, they also bring about new challenges for organizations trying to...
Android Marcher: Continuously Evolving Mobile Malware
Security Insights
4 Min read

Android Marcher: Continuously Evolving Mobile Malware

Founded in 2013, the Android Marcher mobile malware has widely been targeting Google Play -- harvesting user credentials and credit card data. The malware waits for victims to open the Google Play store and then displays...
Android infostealer posing as a fake Google Chrome update
Security Insights
3 Min read

Android infostealer posing as a fake Google Chrome update

Our research team has recently seen a large amount of activity in our cloud related to an Android infostealer disguised as a Google Chrome update. This malware is capable of harvesting call logs, SMS data, browser histor...
Android Marcher now marching via porn sites
Security Insights
3 Min read

Android Marcher now marching via porn sites

Introduction Android Marcher Trojan was first seen in 2013 scamming users for credit card information by prompting fake Google Play store payment page. In subsequent years, Marcher variants also started targeting bank...
This Thanksgiving, Deals On Your Private Data Too
Security Insights
3 Min read

This Thanksgiving, Deals On Your Private Data Too

In a matter of years, we’ve seen Black Friday and Cyber Monday become two of the most anticipated days of the calendar year. While consumers eagerly await the chance to buy this season’s hottest gifts, what they don’t re...
Pornography - A Favorite Costume For Android Malware
Security Insights
4 Min read

Pornography - A Favorite Costume For Android Malware

30% of Internet traffic is in some way related to pornography and this is the primary reason why malware authors are using porn apps to infect large numbers of users. During recent data mining, we noticed an increasi...
More Porn Clicker Malware Masquerading As Dubsmash On Google Play Store
Security Insights
3 Min read

More Porn Clicker Malware Masquerading As Dubsmash On Google Play Store

Introduction Dubsmash is a mobile app to create short "selfie" videos dubbed with famous sounds. It is extremely popular and is currently ranked #10 under Top free Android apps. The users of this app include many we...
Android Ransomware - Porn Droid
Ransomware
3 Min read

Android Ransomware - Porn Droid

Recently, we came across a new variant of Porn Droid - an Android ransomware variant claiming to be from the FBI, which accuses people of watching child porn and then demands a fine of USD 500. File inform...
Fake Porn Site Serving Chinese SMS Trojan
Security Insights
3 Min read

Fake Porn Site Serving Chinese SMS Trojan

The majority of Android malware continues to target Android devices that permit the installation of apps beyond the official Google Play Store. Often, the malicious Android apps are delivered via third party ...
Mobile App Wall Of Shame: Shaadi.com
Security Insights
5 Min read

Mobile App Wall Of Shame: Shaadi.com

Shaadi.com Price : Free Category : Social Platform : iOS and Android Updated : Mar. 9, 2015 (Android), Mar. 10 2015 (iOS) Version : 4.2.2 (Android), 4.2.1 (iOS) Size : 8.28 MB (Android), 17.7 MB (iOS) Language...
Mobile App Wall Of Shame: Quikr
Security Insights
5 Min read

Mobile App Wall Of Shame: Quikr

Quikr Local Classifieds Quikr app logo Price : Free Category : Lifestyle/Shopping Platform : iOS and Android Updated : February 12, 2015(Android), 22 January 2015(iOS) ...
Mobile App Wall Of Shame: Tinychat For IPhone
Security Insights
2 Min read

Mobile App Wall Of Shame: Tinychat For IPhone

Tinychat Price : Free Category : Social Networking Updated : December 29, 2014 Version : 5.0 Size : 19.41 MB Language : English Vendor : Tinychat Co Operating system : iOS Back...
Android Banking Trojan And SMS Stealer Floating In The Wild
Security Insights
3 Min read

Android Banking Trojan And SMS Stealer Floating In The Wild

We recently came across an Android Banking Trojan with a very low antivirus detection rate that is targeting Chinese mobile users. This Android malware is capable of stealing banking information by intercepti...
Top Security Features Added To Android Lollipop
Security Insights
2 Min read

Top Security Features Added To Android Lollipop

As Google officially rolls out it's new operating system Lollipop, let's review some of the enhanced security features added to Android 5.0. Lollipop Kill switch The m...
Trojanized And Pirated Assassins Creed App
Security Insights
2 Min read

Trojanized And Pirated Assassins Creed App

During our daily research, we recently came across Android malware disguising itself as an Assassins Creed app, which is a popular paid gaming application. The malware in question will install a pirated version of the ...
Android Ransomware 'Koler' Learns To Propagate Via SMS
Ransomware
2 Min read

Android Ransomware 'Koler' Learns To Propagate Via SMS

Android Koler is a family of ransomware that targets Android users by locking up their mobile devices and demanding a ransom. It is believed to be the mobile extension of the Reveton ransomware family. Ransomware has b...
Mobile App Wall Of Shame: CNN App For IPhone
Security Insights
3 Min read

Mobile App Wall Of Shame: CNN App For IPhone

Price: Free Category: News Updated: Jul 11, 2014 Version: Version 2.30 (Build 4948) Size: 21.8 MB Language: English Vendor: CNN Interactive Group, Inc. Operating System: iOS Background ...
And The Mice Will “Play”…: App Stores And The Illusion Of Control Part II
Security Insights
8 Min read

And The Mice Will “Play”…: App Stores And The Illusion Of Control Part II

In the last blog, we began analyzing what we’ve termed the “App Dichotomy” of the App Economy – The fact that we are at least as much the consumed, as we are the consumer. Our goal was to analyze popular apps from Ap...
The “Forbidden” Apple: App Stores And The Illusion Of Control Part I
Security Insights
9 Min read

The “Forbidden” Apple: App Stores And The Illusion Of Control Part I

There is no doubt we truly live in an “App Economy.” From personal to professional, we direct and live our lives through our smart phones. But while we enjoy the latest games, stream the latest content or catch up on...
Android App Shares World Cup News At The Expense Of Your Privacy
Security Insights
2 Min read

Android App Shares World Cup News At The Expense Of Your Privacy

Everyone is excited about the football World Cup and apparently so are those peddling adware. Earlier we discussed some of the more aggressive Android advertising SDKs integrated apps flagged by AV vendors as Adware - ...
Analyzing Android ‘Simplocker’ Ransomware.
Ransomware
1 Min read

Analyzing Android ‘Simplocker’ Ransomware.

Recently we came across the sample of a new ransonware ‘Simplocker’ for Android. The ransomware encrypts the files present on SD card and later it demands ransom from victim to decrypt the files. ...
Want To Spy? Google Play Will Help You
Security Insights
4 Min read

Want To Spy? Google Play Will Help You

Spyware or legitimate monitoring application? You decide. In this blog we'll discuss a 'legitimate' app that can be purchased in Google Play known as SMS Tracker. Now it's legitimate as it advertises exactly what it do...
Dissection Of Android Malware MouaBad.P
Security Insights
3 Min read

Dissection Of Android Malware MouaBad.P

In Zscaler’s daily scanning for mobile malware, we came across a sample of Android Mouabad.p. Lets see what is inside. Application static info: Package name = com.android.service Version n...
Dissection Of Zertsecurity - Banking Trojan.
Security Insights
1 Min read

Dissection Of Zertsecurity - Banking Trojan.

Zertsecurity is a well known banking Trojan based on phishing schemes targeting German Android users. Lets see how it works. After installing the application, it prompts the user for account and PIN numbers. ...
CVE-2012-1889 Is Still Alive!
Security Insights
3 Min read

CVE-2012-1889 Is Still Alive!

In Zscaler’s dailyscanning, we identified an instance where CVE-2012-1889 (MSXML Uninitialized Memory Corruption Vulnerability) is still alive. Lets take a look. The site hxxp://wm.17wan.info:9999/zx/zip.html?...
Gap Between Google Play And AV Vendors On Adware Classification
Security Insights
11 Min read

Gap Between Google Play And AV Vendors On Adware Classification

Two critical items impacting mobile use are privacy and a positive user experience. The mobile app market is built on trust. Questionable mobile advertising practices, such as apps employing deceptive adware practices, n...
Zscaler Releases Android Master Key Vulnerability Scanner
Security Insights
2 Min read

Zscaler Releases Android Master Key Vulnerability Scanner

The recently disclosed Android master key vulnerability by CTO of BlueBox Jeff Forristal, allows an attacker to inject malicious code into an Android application without the need to alter or invalidate the applicatio...

Related Articles

Explore More Topics