Michael Flossman

Head of Threat Intelligence

Michael is Head of Threat Intelligence at Lookout where he works on reverse engineering sophisticated mobile threats while tracking their evolution, the campaigns they are used in, and the actors behind them. He has hands-on experience in vulnerability research, incident response, security assessments, pen-testing, reverse engineering and the prototyping of automated analysis solutions. When not analysing malware there’s a good chance he’s off snowboarding, diving, or looking for flaws in popular mobile apps.

My Articles

Stealth Mango and Tangelo | Surveillanceware Stealing Data

Lookout Security Intelligence has discovered Android and iOS surveillanceware tools targeting govt. officials, diplomats, military personnel, and activists.

New Surveillanceware in Google Play Targeting Middle East

Lookout researchers have identified a new, highly targeted surveillanceware family known as Desert Scorpion in the Google Play Store.

5 Year Old Banking Trojan/Malware As a Service Booming

BancaMarStealer, also known as Marcher, is a malware family designed to phish a victim's banking (or other service) credentials.

Mobile APT (mAPT) SpyWaller Re-emerges, May Include Western Targets

Lookout has discovered new variants of the SpyWaller surveillanceware with advanced espionage capabilities.

Tropic Trooper Goes Mobile With Titan Surveillanceware

Learn about Titan, a family of sophisticated Android surveillanceware apps surfaced by Lookout's automated analysis that is linked to the same actors behind Tropic Trooper.

JadeRAT Mobile Surveillanceware Spikes in Espionage Activity

Lookout researchers are monitoring the evolution of an Android surveillanceware family known as JadeRAT, we believe may be connected to a government sponsored APT group.

FrozenCell: Multi-Platform Surveillance Campaign Against Palestinians

Lookout researchers have discovered a new mobile surveillanceware family, FrozenCell. The threat is likely targeting employees of various Palestinian agencies and facilities.

XRAT Malware Tied to "Xsser/MRAT" Surveillance

Lookout have identified a mobile trojan called xRAT with extensive data collection functionality and the ability to remotely run a suicide function to avoid detection.

Must Read for Enterprises Sending Employees Abroad: The SonicSpy Malware Family

Lookout Security Intelligence researchers discovered the spyware in Google Play and connected it to a known malicious actor potentially operating out of Iraq.

SonicSpy: Over a Thousand Spyware Apps Discovered, Some in Google Play

Lookout researchers have identified over a thousand spyware apps related to a threat actor likely based in Iraq. Discover more with Lookout today.

ViperRat - Mobile APT Targeting Israeli Defense Force

Using data collected from the Lookout global sensor network, the Lookout research team was able to gain unique visibility into the ViperRAT malware.