Research Blog

News and views from the leading voice in cloud security.

By: Viral Gandhi

Super Mario Run Malware #2 – DroidJack RAT

Gamers love Mario and Pokemon, but so do malware authors.

Mobile Malware

A few days back, we wrote about an Android Marcher trojan variant posing as the Super Mario Run game for Android. We have found another instance of malware posing as the Super Mario Run Android app, and this time it has taken…
By: Viral Gandhi

Android Marcher now posing as Super Mario Run

Attackers seek to use the game's popularity to spread malware


Nintendo recently released Super Mario Run for the iOS platform. In no time, the game became a sensational hit on the iTunes store. However, there is not yet an Android version and there has been no official news on such a…
By: Chris Mannon

Santa Claus is coming to town with a sack full of ransomware

Abuse | Adware | Analysis | Exploit | Malware | Phishing | Ransomware | Scam | Spam

It's the season: holiday shopping has increased and email inboxes have been inundated with promotional emails, offers from online retailers, and discount banners. And with increased online shopping activity, you can expect to see an increase in activity from…
By: Derek Gooley

Top Exploit Kit Activity Roundup - Fall 2016

Exploit Kit

Overview: This is the third in a series of blogs reviewing the activity of the current top exploit kits. Exploit Kits (EKs) are rapidly deployable software packages designed to leverage vulnerabilities in web browsers as a way to deliver a…
By: Ed Miles

CNACOM - Open Source Exploitation via Strategic Web Compromise


Introduction: Since a full proof of concept for the CVE-2016-0189 vulnerability was published on GitHub, Zscaler ThreatLabZ has been closely tracking its proliferation. The first copying of the exploit code we spotted was from the Sundown exploit kit (EK), followed closely by…
By: Atinderpal Singh

A look at recent Stampado ransomware variant

Self-propagates and encrypts files already encrypted by other ransomware


Introduction: Stampado is one of the many new ransomware strains we have seen in 2016. Stampado was first seen in the wild in July 2016, as one of the cheapest pieces of ransomware available on the underground forums. Figure 1…
By: Deepen Desai

IoT devices in the enterprise

A look at the enterprise IoT device footprint and IoT traffic analysis

Analysis | Compromise

In the months prior to the recent attacks, which used Internet of things (IoT) devices to carry out massive distributed-denial-of-service (DDoS) attacks, the ThreatLabZ research team had begun studying the use of IoT devices on the networks of Zscaler customers.…
By: Viral Gandhi

Are mobile apps a leaky tap in the enterprise?

Mobile Privacy Trends

In almost every enterprise, mobile and cloud represent a large and growing proportion of overall traffic. While they offer many advantages in productivity, they also bring about new challenges for organizations trying to simplify their infrastructures while maintaining critical security…
