Research Blog

News and views from the leading voice in cloud security.


By: Shivang Desai

Android malware targeting South Korean mobile users

Mobile Banking Trojan

Mobile

In a recent cycle of malware hunting, ThreatLabZ came across a malicious Android application specifically targeting South Korea. There have been a few attempts in the past to target South Korea, in which malicious apps were either trying to pose as bank apps or as…
By: Dhanalakshmi

Compromised Websites Delivering Tech Support Scams and Credit Card Hijacks

Tech Support Scams and Magento Credit Card Hijacking

Compromise | Scam

Introduction: Tech support scams and credit card hijacking attacks are not new. These types of cyber-fraud have been seen in the wild as supported extensions for Internet Explorer, Firefox, and Chrome; they become distributed through various monetization platforms during…
By: Atinderpal Singh

iSpy Keylogger

Malware

Keyloggers have always been present in attackers' toolkits. They give attackers the power to record every keystroke from a victim's machine and steal sensitive information. Zscaler ThreatLabZ recently came across a signed keylogger campaign in our cloud sandbox. In…
By: Ed Miles

A quick look at recent malvertising exploit chains

Featuring RIG and Sundown EK

Exploit Kit

Introduction: Zscaler ThreatLabZ, during our daily exploit kit (EK) tracking, have been seeing some changes in both RIG and Sundown EKs. We recently encountered a malvertising chain serving both EKs on subsequent visits, and decided to compile a quick look at…
By: Derek Gooley

Top Exploit Kit Activity Roundup - Summer 2016

Exploit Kit

Overview: This is the second in a series of blogs collecting the recent activity of the current top exploit kits. Exploit kits are rapidly deployable software packages designed to leverage vulnerabilities in web browsers to deliver a malicious payload to…
By: Deepen Desai

Agent Tesla Keylogger delivered using cybersquatting

Compromise | Malware

Introduction: Zscaler ThreatLabZ recently came across an attack chain in which cybersquatting was being used to deliver a commercial keylogger, called AgentTesla, with an intent to steal confidential information. The keylogger payload was configured to relay the stolen information back…
By: Viral Gandhi

Android Marcher: Continuously Evolving Mobile Malware

Mobile Malware

Founded in 2013, the Android Marcher mobile malware has widely been targeting Google Play, harvesting user credentials and credit card data. The malware waits for victims to open the Google Play store and then displays a fake HTML overlay…
By: Viral Gandhi

Pokémon GO : Pikachu thunder shocks user’s wallet and personal life.

Mobile Malware

The recent release of Pokémon GO has led the game to become one of the most popular apps for Android and iOS - having been downloaded by more than 5 million users. The game is currently available in multiple countries…
