Zimperium’s Zero-Day Defense Against Octo2 Malware Targeting European Banks

Zimperium’s Zero-Day Defense Against Octo2 Malware Targeting European Banks

ThreatFabric recently reported on a new strain of Android malware called Octo2, which is actively targeting European banks. This variant builds on the capabilities of its predecessor, Octo, employing sophisticated techniques like screen overlays and remote access tools (RATs) to compromise banking credentials and manipulate financial transactions. With this malware, fake login screens overlay legitimate banking app,…

Zimperium Coverage on COLDRIVER Phishing Campaign 

Zimperium Coverage on COLDRIVER Phishing Campaign 

The recently uncovered “River of Phish” campaign, attributed to the Russian threat actor COLDRIVER, targets Western and Russian civil society through sophisticated spear-phishing attacks. This campaign employs highly personalized social engineering tactics to trick targets into opening malicious PDF attachments. These PDFs contain links to phishing sites designed to steal login credentials and bypass two-factor authentication, potentially…

BlankBot: A New Android Banking Trojan Cannot Evade on Device Machine Learning Protection

BlankBot: A New Android Banking Trojan Cannot Evade on Device Machine Learning Protection

BlankBot is a newly discovered Android banking trojan identified by Intel 471 Malware Intelligence researchers in July 2024. This sophisticated malware targets Android devices, primarily focused on Turkish users but capable of broader geographical attacks. BlankBot aims to produce profit for attackers by exfiltrating banking credentials.The trojan disguises itself as legitimate applications, deceiving users into granting…

Mobile Security Amongst Olympic Teams at the Paris 2024 Summer Olympics

Mobile Security Amongst Olympic Teams at the Paris 2024 Summer Olympics

July 25, 2024 Krishna Vishnubhotla Share this blog As the world gathers for the 2024 Summer Olympics in Paris, the focus is not only on the athletes’ performances but also on the technology that supports them. Mobile devices have become indispensable for Olympic teams, providing critical data for training, performance tracking, and real-time analysis. However, with…

Sophisticated Fake Apps: A Growing Concern

Sophisticated Fake Apps: A Growing Concern

March 27, 2024 Monique Becenti Share this blog Cybercriminals are employing increasingly sophisticated tactics to target unsuspecting users. One such tactic gaining traction is smishing – an attack that leverages text messages to deceive individuals into providing sensitive information or downloading malicious content. In this latest trend, cybercriminals create fake apps that mimic legitimate banking or financial services. These apps…

Defending Your Mobile Workspace: Mitigating Risks of Sideloading Apps

Defending Your Mobile Workspace: Mitigating Risks of Sideloading Apps

March 26, 2024 Monique Becenti Share this blog In today’s digitally-driven workplace, mobile applications (apps) have become indispensable tools for enhancing productivity and providing teams with seamless communication. As employees seek additional functionality and features beyond what official app stores offer, they often turn to third-party app stores. While the idea of third-party app stores may…

Top 7 Source Code Obfuscation Techniques

Top 7 Source Code Obfuscation Techniques

Every day the number and range of methodologies and malicious programs hackers use to gain unauthorized access to applications, devices, and personal information increases. Often software code itself provides the entry point for attack. According to the State of DevOps Report by Contrast Security, over 99% of technologists report that applications in production have a minimum of…

Unmasking the SMS Stealer: Targeting Several Countries with Deceptive Apps

Unmasking the SMS Stealer: Targeting Several Countries with Deceptive Apps

Executive Summary One-time passwords (OTPs) are designed to add an extra layer of security to online accounts, and most  enterprises have become very dependent upon them for controlling access to sensitive data and applications. However, these passwords are just as valuable to attackers. Mobile malware has become increasingly sophisticated, employing cunning tactics to steal these…

Leveraging Zimperium’s Zero-Day Detection to Combat OilAlpha’s Remote Access Trojans

Leveraging Zimperium’s Zero-Day Detection to Combat OilAlpha’s Remote Access Trojans

In an era where mobile threats are increasingly sophisticated, the security landscape demands robust solutions capable of defending against the most advanced attacks. One such threat is the Remote Access Trojan (RAT), a type of malware designed to remotely control a mobile device, steal sensitive information, and manipulate device functions. The recent incidents involving the…

Mobile Security Amongst Olympic Teams at the Paris 2024 Summer Olympics

Mobile Security Amongst Olympic Teams at the Paris 2024 Summer Olympics

As the world gathers for the 2024 Summer Olympics in Paris, the focus is not only on the athletes’ performances but also on the technology that supports them. Mobile devices have become indispensable for Olympic teams, providing critical data for training, performance tracking, and real-time analysis. However, with the increasing reliance on mobile technology comes…