Zimperium’s Zero-Day Protection Against Water Makara Spear-Phishing Campaign

The Water Makara spear-phishing campaign, recently reported by Trend Micro, leverages social engineering tactics and obfuscated JavaScript files to target victims. The attack entices victims into clicking malicious links or downloading harmful attachments, ultimately leading to credential theft and data compromise. While there is no indication that this specific campaign is targeting mobile devices, it highlights…

The Mobile Malware Chronicles: Necro.N – Volume 101

Executive Summary: zLabs researchers have been tracking Necro.N, a mobile malware campaign, since July. Expanding upon Kaspersky’s report, we’ve gathered additional insights. Over this time, we’ve collected more than 30 samples, and a few of them had low detection rates from other security vendors. As stated in the original report, Necro.N is highly intrusive and is emerging as a…

Debunking Five Myths About Mobile Security

Mobile security is a critical concern for enterprises. However, several myths surrounding mobile security could be putting your organization at risk. I’ve identified and debunked the top five myths about mobile security and explained how to safeguard your enterprise with clarity and confidence. Myth 1: All Android and iOS devices are inherently secure. While Android…

Expanding the Investigation: Deep Dive into Latest TrickMo Samples

Executive Summary: On September 10, Cleafy publicly disclosed a new variant of the banking trojan called TrickMo. This variant employed innovative techniques to evade detection and analysis, such as zip file manipulation and obfuscation. While Cleafy did not release any Indicators of Compromise (IOCs), our research team conducted its own research and identified 40 recent variants…

ISM’s Guidelines for Enterprise Mobility

Most cybersecurity professionals in Australia are well-acquainted with the Information Security Manual (ISM) cyber security framework, the Essential 8 (E8) and how they apply to traditional endpoints. In addition to these controls, there are mobile-specific controls that are critical to securing iOS, Android and ChromeOS devices. In this blog, we will analyze the ISM’s mobile…

iOS and the WebP Vulnerability

A Retrospective on the WebP CVE. Executive Summary: Earlier this year, Zimperium analyzed and reported on the patching process of CVE-2023-4863 for Android. Upon the conclusion of our research, we observed a steady and solid patching trend once a patch was made available. In this blog we will underline the differences and the similarities in how iOS developers reacted to the…

Zimperium’s Zero-Day Defense Against Octo2 Malware Targeting European Banks

ThreatFabric recently reported on a new strain of Android malware called Octo2, which is actively targeting European banks. This variant builds on the capabilities of its predecessor, Octo, employing sophisticated techniques like screen overlays and remote access tools (RATs) to compromise banking credentials and manipulate financial transactions. With this malware, fake login screens overlay legitimate banking apps,…

Zimperium Coverage on COLDRIVER Phishing Campaign

The recently uncovered “River of Phish” campaign, attributed to the Russian threat actor COLDRIVER, targets Western and Russian civil society through sophisticated spear-phishing attacks. This campaign employs highly personalized social engineering tactics to trick targets into opening malicious PDF attachments. These PDFs contain links to phishing sites designed to steal login credentials and bypass two-factor authentication, potentially…

BlankBot: A New Android Banking Trojan Cannot Evade on Device Machine Learning Protection

BlankBot is a newly discovered Android banking trojan identified by Intel 471 Malware Intelligence researchers in July 2024. This sophisticated malware targets Android devices, primarily focused on Turkish users but capable of broader geographical attacks. BlankBot aims to produce profit for attackers by exfiltrating banking credentials. The trojan disguises itself as legitimate applications, deceiving users into granting…

Mobile Security Amongst Olympic Teams at the Paris 2024 Summer Olympics

July 25, 2024, Krishna Vishnubhotla. As the world gathers for the 2024 Summer Olympics in Paris, the focus is not only on the athletes’ performances but also on the technology that supports them. Mobile devices have become indispensable for Olympic teams, providing critical data for training, performance tracking, and real-time analysis. However, with…