A US-funded government assistance program is selling budget-friendly mobile phones that come pre-installed with unremovable malicious apps. Malwarebytes Labs investigates the malware’s origins.
Since its discovery less than a month ago, a stealthy new Android malware has already been detected on over 500 devices, and it’s on the rise. Learn how this clever threat pretends to be an ad blocker and then hides itself on mobile devices, all while serving up tons of ads.
We found a new Trojan that uses aggressive techniques, including blocking access to security sites, to deliver an adware bundler. Read up on what Extenbro can do and how to get this pest off your system.
Push notifications are being added to the arsenal of PUPs, adware, and even a Trojan browser extension that spams Facebook groups.
Emotet is often mentioned as one of the most annoying, effective, and costly present-day malware infections. We discuss the reasons why and the proper way to remove it.
Process doppleganging, a rare technique of impersonating a process, was discovered last year, but hasn’t been seen much in the wild since. It was an interesting surprise, then, to discover its use mixed in with Process Hollowing, yet another technique, in a dropper for the Osiris banking Trojan.
The extremely popular video game Fortnite is coming to Android sometime this summer, and the fanbase is going wild. Not surprisingly, mobile malware developers are taking advantage. Already, there are several videos on YouTube with links claiming to be versions of Fortnite for Android. Spoiler alert: they’re fake.
QuantLoader is a Trojan downloader that has been used in campaigns serving a range of malware, including ransomware, Banking Trojans, and RATs. In this post, we’ll take a high-level look at the campaign flow, as well as a deep dive into how the malware executes.