Research Blog

News and views from the leading voice in cloud security.

By: Shivang Desai

Android Spyware SMSVova posing as system update on Play Store

Android Spyware SMSVova found on Google Play Store

Mobile Malware

In our ongoing effort to hunt malware, the Zscaler ThreatLabz team came across a highly suspicious app on the U.S. Google Play Store that has been downloaded between one and five million times since 2014. Upon analysis, we found it…
By: Sameer Patil

Increase in jRAT Campaigns

The Zscaler ThreatLabZ team has detected a rise in Java-based remote access Trojan variants  jRATs which give attackers a backdoor into a victim's system and can be capable of remotely taking control of the system once it's infected. Malware authors are using…
By: Chris Mannon

Microsoft Office 0-Day leveraged in spam campaigns

Exploit | Microsoft | Spam | Zero Day

A new spam campaign has been leveraging exploits for the Microsoft Office vulnerability CVE-2017-0199. Security industry repsonse to the vulnerability was rapid and several in-the-wild exploits have been detailed by various security companies. The timing of this attack was largely preempted by…
By: Gaurav Shinde

New Android ransomware bypasses all antivirus programs

Infection continues even after the victim pays the ransom

Mobile Malware

The Zscaler ThreatLabZ team has found a new variant of Android Ransomware. What makes this variant particularly scary is that it evaded all the antivirus programs tested against it at the time of writing this blog. During our investigation, we uncovered…
By: Gaurav Shinde

Nasty adware hiding in apps on Google Play Store

The adware would like to be your device administrator if you let it

Mobile Malware

In our ongoing hunt for malicious apps on Google Play Store, we have come across more than a dozen apps that we have confirmed to be aggressive adware strains, with the ability to add themselves as device administrator on a victim's…
By: Rohit Hegde

March Madness Fake Streams and Phishing Attempts

A look at malicious activity on the Internet around March Madness


March Madness is in full swing and the Sweet 16 games are upon us While enthusiasts everywhere prepare to stream their favorite teams' games, the increased interest in the tournament has also attracted the attention of threat actors who've produced…
By: Derek Gooley

Top Exploit Kit Activity Roundup - Winter 2017

Exploit Kit

Overview This is the fourth in a series of posts in which we're examining recent activity of the current top exploit kits. An exploit kit (EK) is a rapidly deployable software package designed to leverage vulnerabilities in web browsers to deliver a malicious…
By: Derek Gooley

The Rise in SSL-based Threats

Encryption | Malware

Overview The majority of Internet traffic is now encrypted. With the advent of free SSL providers like Let s Encrypt, the move to encryption has become easy and free. On any given day in the Zscaler cloud, more than half…

Learn more about Zscaler.
Join one of our webcasts.

Check how healthy is your Internet security with Security Preview, Zscaler's free security scan

How secure are you?

Check your security with our instant risk assessment, Security Preview. It’s free, confidential and safe. 85% of companies who run this test find vulnerabilities that require immediate attention.