vulnerability

Trojan Intercepts SMS Messages To Attack Banks In South Korea

Banks in South Korea recently started to offer customers a text messaging option to access accounts and authenticate transactions. It was reported that a major South Korea bank, KEB Hana Bank, was the first to launch the text banking service in the country on Nov 21, 2016. Unfortunately, cyber thieves have picked up on this, Read More

Digging into ADUPS FOTA data collection details

People like to think their brand new phone is clean and free of malware, but that is not always the case. Some smartphone manufacturers choose to use a third party FOTA (Firmware Over-The-Air) service instead of Google’s, which can pose serious security risks. This is what happened in the case of Shanghai based ADUPS Technology Read More

adups_ss

Trustlook Releases ADUPS Vulnerability Detector

Trustlook has released a new feature in its Trustlook Mobile Security app that identifies the presence of rogue firmware from Shanghai ADUPS Technology Co. This potentially dangerous firmware comes pre-installed on some Android phones, and can monitor text messages, phone call histories, and details of how the phone is being used all without the user’s Read More

Banking Trojan Targets German Financial Institutions

This report summarizes a mobile malware attack recently discovered by Trustlook Labs. Based on the information we obtained, Trustlook can confirm that various financial institutions across the world have been targeted, with Germany being the most targeted country in the attack. Trustlook Labs investigated the malware’s attack vectors as well as the communication between the Read More

byod22

Latest BYOD research is part of Trustlook Insights Q4 report

Trustlook has released its Q4 Trustlook Insights report which focuses on the latest trends and best practices in BYOD (Bring Your Own Device). BYOD is the practice of allowing employees to use personal devices at work. It gives employees freedom over where (and how) they work, and allows companies to spend less in operating expenses. Despite Read More

How to Unpack Baidu Protect through Memory Dumping

Trustlook Mobile Security has researched an app (MD5: 67257EA2E9EC6B35C9E5245927980EEA) that is packed/encrypted by Baidu Protect, the service provided by Baidu. Users can upload their APKs to the developer portal in Baidu to get their apps hardened. The app terminates itself when running on several versions of Android emulators. It runs on a Moto G phone Read More

badkernel-blog

BadKernel Vulnerability Technical Details

360 researchers (Alpha Team) has recently uncovered a vulnerability that affects millions of Android phones.  Since it is especially widespread in China and can cause significant damage, it has been assigned CNNVD-201608-414 in the Chinese National Vulnerability Database of Information Security.  CNNVD is the Chinese equivalent of the US Common Vulnerabilities and Exposures system (CVE). Read More