Top 5 Scariest Malware for Halloween

Happy Halloween! Trustlook has compiled a colorful Halloween Android malware infographic. Based on a study of 376,031 malware samples in the month of October, we have identified the Top 5 Scariest Malware families, and offer a close-up look of actual malicious apps. Here is what is in the infographic:

▪ Descriptions of the Top 5 Scariest Malware families
▪ Access to detailed reports (clickable) of 20 real malicious apps
▪ Tips to stay protected against malware

Click here to view to infographic.



Latest BYOD research is part of Trustlook Insights Q4 report

Trustlook has released its Q4 Trustlook Insights report which focuses on the latest trends and best practices in BYOD (Bring Your Own Device). BYOD is the practice of allowing employees to use personal devices at work. It gives employees freedom over where (and how) they work, and allows companies to spend less in operating expenses. Despite its rising popularity, many employers are still on the fence. If not fully understood and regulated, BYOD can threaten IT security and put a company’s sensitive business systems at risk.

This report is the result of a survey of 320 Trustlook Mobile Security users. Some findings validated existing beliefs, while others were truly fascinating in terms of how BYOD is treated and understood at organizations. Such as:

▪ Only 39% of companies have a formal BYOD policy
▪ 70% of employees use a personal device at work
▪ 86% of companies have no preferred mobile security app
▪ 51% of employees have received no training on BYOD

Feel free to download the survey report and infographic and explore the latest findings.

Top 10 Trending Malwares for October 7, 2016

SkyEye from Trustlook provides deep insights into mobile apps. The following 10 apps contain the most dangerous malware for the past week.


See information on over 3 million apps on SkyEye.

Google Offers $200,000 to Find Android Vulnerabilities

Show me the money might become the new moniker in the hacking world. And with good reason. Google has announced it is going to offer up to $200,000 in prize money to the first team that can find a bug chain that can give remote access to multiple Android devices by just knowing their email address or phone numbers.

Announced by Google’s Project Zero research team, the contest began on 9/14/2016 and is scheduled to run through next March 14. Researchers are invited to find critical bugs in Android, specifically on Nexus 6P and Nexus 5x devices running builds that are current for the specific device.

This offer is largely in response to the widespread Android vulnerability discovered in August 2016 named Quadrooter that affected 900 million devices.

Google is banking on the prize amount being a motivator for hackers to find flaws in the ecosystem. The first prize in the competition is $200,000; the second prize is $100,000 and the third prize is $50,000. There will be additional awards for winning entries that are able to find flaws in the Google’s operating system.

800,000 Identities Stolen From Adult Porn Site Brazzers

Passwords, usernames and emails have all been made available for some 800,000 users in the latest big name data leak, this time from porn network Brazzers. That’s the number of email addresses that were retrieved by security monitoring firm Vigilante, though the leaked data is also said to contain plain-text passwords and usernames associated with those emails.

Despite claiming that it’s an old hack, Brazzers isn’t taking any chances and has shut down its forum temporarily while it investigates for any potential new breach in its security.

There are a couple ways to check if you have been part of this data breach. Use the Identity Check feature in the Trustlook Mobile Security app, or use the Have I Been Pwned website.

Beyond that, users are encouraged to change their password.

Trustlook Mobile Security Releases Instant Protection Feature

Trustlook has released a new feature in its Trustlook Mobile Security app that proactively notifies users of any new malware on their device. Instead of a user needing to re-scan their device in order to find malware, Trustlook will send a message to users if it discovers malware that was previously unknown.

For example:

  1. Jack installs a new app
  2. The Trustlook Mobile Security protection is triggered, and the app is uploaded to Trustlook’s cloud. But in some small instances Trustlook’s system has no prior knowledge of the app, so we consider it benign.
  3. A few days later, Trustlook’s Core Security system detects this new app as a malware
  4. Trustlook Operations launches “Instant Protection” to notify Jack of this malware and to uninstall the app.

In a perfect world, mobile devices would be 100% protected from security risks because security vendors would be aware of every malicious application that exists. However, that is not reality.  It’s not possible to have full, 100% coverage. So to mitigate this security risks, Trustlook now offers Instant Protection.