UC Browser app abuses may have exposed 500 million users

|
Recently, when examining the Zscaler cloud for unusual activity, ThreatLabZ researchers found some questionable hits in relation to a particular domain: 9appsdownloading[.]com. Upon analysis, we found these requests being made from a popular browser that's available on Google Play and has more than 500 million downloads to date: the UC ... Read More

From third-party Android store to SMS Trojan

| | Abuse
In lieu of downloading and installing apps from the official Android app store, users often turn to third-party stores. The reasons vary, from wanting a particular app that isn’t available on the official store to seeking cracked apps—versions that have been modified to disable certain features, such as copyright protections—of ... Read More

Soulmate: A Dating App That Spies On You

|
During a recent hunt for malware, the Zscaler™ ThreatLabZ team came across a piece of spyware disguised as an Android app and hosted on Google Play, Google’s official Android app store. The app portrays itself as partner matching app called Soulmate, designed to help you find (and keep tabs on) ... Read More

Why you shouldn’t trust “safe” spying apps!

|
During a recent malware hunt, the ZscalerTM ThreatLabZ research team came across a suspicious Android app on Google Play, the official Google app store, named SPYMIE. SPYMIE portrays itself as an Android-based key logger designed for parents to track the cell phone activities of their children. Given the popularity of ... Read More

Mobile App Wall Of Shame: Trip38

| | Mobile
Compared to Android users, iOS users tend to feel fairly safe from lurking threats. But, occasionally, that sense of security is tested. Zscaler ThreatLabZ recently came across an app that had a significant flaw, causing it to leak the personal information of iOS users. The details of the app are ... Read More

RuMMS malware is back…with enhancements

Recently, the Zscaler ThreatLabZ team came across a nasty piece of malware hosted on a fake MMS website called mmsprivate[.]site. The site lures victims with what seem to be private photos, inviting them to take a closer look. Upon accepting the offer, victims fall prey to a malicious Android Package ... Read More

Fake Teleg’e’ram on Google Play

|
Recently, the Russian government ordered the immediate blocking of the messaging app Telegram and requested its removal from the Apple App Store and Google Play Store. In reviewing activities around this matter, Zscaler ThreatLabZ researchers noticed a fake Telegram app making the rounds in the Google Play Store. Zscaler informed ... Read More

Spyware presence in enterprise networks

|
There are apps for everything, including spying. Users often download such apps for little to no cost and for innocent reasons, such as monitoring their children’s activity on mobile devices. However, what happens when the app is malicious and instead spies on the original user and the environments that user ... Read More