Malware uses Google Talk to make malicious phone calls

We found a new piece of mobile malware using Google Talk to make your phone make unwarranted and malicious outgoing calls.

Read more

Android Trojan FakeApp masquerading as legitimate

A variant of Android/Trojan.FakeApp is stealing the identities of popular applications (apps) such as TrueCaller and Torque Pro. As soon as the FakeApp is installed a shortcut with an icon stolen from one of these popular apps is created, and a notification pops up. The notification also appears whenever the shortcut icon is clicked.

Read more

Trojan clicker’s gaze cast upon Google Play store

We’ve discovered a Trojan clicker on the Google Play store doing far more than advertised. The app name in Turkish is “Mayis Guzel Aydir”, which roughly translates to “May is a Beautiful Month”. Clicker App / When you open the app, the full-screen eyeball gives off a definite 2001: A Space Odyssey vibe.

Read more

De-obfuscating malicious Vbscripts

With the returned popularity of visual basic as a first attack vector in mind, we took a look at de-obfuscating a few recent vbs files starting with a very easy one and progressing to a lot more complex script.

Read more

Trojan.DNSChanger circumvents Powershell restrictions

We take a close look at the functionality of a new variant of the DNS-changer adware family. Especially the use of encoded scripts as a way to bypass the Powershell execution protection.

Read more

Select your language