Lookout Threat Intelligence

Researchers at the Lookout Threat Lab have discovered a new Android surveillance tied to the Law Enforcement Command of the Islamic Republic of Iran (FARAJA).

Throughout 2022, threat actors have been masquerading as the postal service Singapore Post (SingPost) and one of Singapore’s leading telecommunications companies Singtel.

Researchers at Lookout Threat Lab have discovered close to 300 mobile loan applications on Google Play and the Apple App Store that exhibit predatory behavior.

Researchers from Lookout Threat Lab have uncovered two new surveillance campaigns, BadBazaar and MOONSHINE, targeting Uyghurs in the People’s Republic of China and abroad.

This year’s MSI is especially interesting, as it dives deeper into the interconnectivity that now exists between endpoint devices and cloud applications.

I spoke with Ramy Houssaini, Chief Cyber and Technology Risk Officer at BNP Paribas, about the challenges CISOs face in an increasingly complex digital landscape.

Lookout Threat Lab researchers have uncovered enterprise-grade Android surveillanceware used by the government of Kazakhstan within its borders.

The vulnerability would allow an unauthenticated malicious actor to execute arbitrary code on a Confluence Server or Data Center instance that could grant full command.

We often associate breaches with corporate espionage and advanced persistent threat groups, but often, data is leaked by an organization’s own employees.

Lookout researchers have discovered a novel distribution of the Anubis Android banking malware masquerading as telecommunications company, Orange S.A.

Lookout Threat Lab researchers looking into phishing campaign that has actively targeted families of United States military personnel. Details inside.

We discuss the opportunities and challenges mobile and cloud technologies have created with Art Ashmann, Staff EUC Solutions Engineer at VMware.

Security researchers at the Lookout Threat Labs have identified a new rooting malware distributed on Google Play, the Amazon Appstore and the Samsung Galaxy Store.

The exponential growth in success illustrates the fact that the tech industry is determined to reverse the diversity trend and encourage more women to join the field.

A popular Android app Barcode Scanner was recently found to be infected with adware. After an update in late 2020, it started pushing advertising to users without warning.

The Lookout Threat Intelligence team has discovered two novel Android surveillanceware – Hornbill and SunBird.

On 12/17/2020, CISA put out an alert about an advanced persistent threat (APT) that compromised a number of U.S. government agencies, tech companies and public facilities.

The Lookout Threat Intelligence team has discovered a new mobile app threat targeting iOS and Android users in Chinese speaking countries, Korea and Japan.

The Lookout Threat Intelligence team has discovered four Android surveillanceware tools used as part of a much larger mAPT (mobile advanced persistent threat).

Lookout researchers have uncovered a long-running surveillance campaign tied to Syrian nation-state actors.

Lookout Phishing AI has detected a mobile-aware phishing campaign targeting non-governmental organizations around the world, including UNICEF.

In anticipation of the Day of Shecurity San Francisco, happening on October 11, we sat down with a few of our security intelligence engineers.

Based on millions of iOS users that have installed Lookout and Lookout for Work apps, more than 80% of iPhones are vulnerable.

Monokle is a new and sophisticated set of custom Android surveillanceware tools developed by the Russia-based company, Special Technology Centre, Ltd.

BeiTaAd is a well-obfuscated advertising plug-in hidden within a number of popular applications in Google Play. Discover more about this mobile threat.

Lookout researchers have disabled DressCode, an Android malware family, with their click fraud business model and malware designed to evade detection in novel ways.

As reported in the media, Lookout has discovered a customer phishing kit targeted at the Democratic National Committee (DNC) via a third-party technology provider NGP VAN.

Lookout Security Intelligence has discovered Android and iOS surveillanceware tools targeting govt. officials, diplomats, military personnel, and activists.

BancaMarStealer, also known as Marcher, is a malware family designed to phish a victim's banking (or other service) credentials.

Lookout and Electronic Frontier Foundation (EFF) have discovered Dark Caracal, a persistent and prolific actor running a global espionage campaign.

Learn about Titan, a family of sophisticated Android surveillanceware apps surfaced by Lookout's automated analysis that is linked to the same actors behind Tropic Trooper.

Mobile device vulnerabilities can have equally devastating consequences, including compliance fines and brand reputation loss.

Lookout researchers have discovered a new mobile surveillanceware family, FrozenCell. The threat is likely targeting employees of various Palestinian agencies and facilities.

Lookout have identified a mobile trojan called xRAT with extensive data collection functionality and the ability to remotely run a suicide function to avoid detection.

See this video to learn why enterprises should have visibility into sideloaded apps within their fleet of mobile devices.

The Spectrum of Mobile Risk research report and the Mobile Risk Matrix is designed to help security organizations understand the risks to enterprise data from mobility.

Using data collected from the Lookout global sensor network, the Lookout research team was able to gain unique visibility into the ViperRAT malware.

Lookout/ICM research shows that Brits are now hyper-vigilant about protecting the privacy of the data on their mobile phones.

One year into Google’s monthly patching for Android, the August 2016 bulletin contains 103 patches, just short of the high of 108 from last month.

Lookout App Genome Project was created to identify security threats in the wild and provide insight into how applications are accessing personal data

Lookout recently identified an app called “Black Jack Free” in the Google Play store, which turned out to be a variant of the malware family Acecard.

Over the past two years, Lookout has tracked the evolution of NotCompatible, which has set a new bar for mobile malware sophistication and operational complexity.

There has been a lot of alarm about Xsser mRAT, the iOS and while there might be some cause for concern, we wanted lay out the facts as we see them.

Digital currency miners are a new trend in the mobile world including BadLepricon, CoinKrypt, Widdit, FreeLotto, and TokenCrypt. What are the threats?

Lookout discovered a mobile click fraud family dubbed “SimpleTemai.”

Lookout identified SpamSoldier, a spammer botnet agent that uses infected phones to send a barrage of SMS spam messages without the user's consent.

Any traffic that is sent by the Yahoo! Mail Android app can easily be intercepted over an open network connection such as a public WiFi network.

Lookout has identified a new Android Trojan, GGTracker, which is automatically downloaded to a user’s phone after visiting a malicious webpage that imitates the Android Market

Lookout has pushed an over-the-air (OTA) update to automatically protect all Lookout Android users from this newly reported Trojan.

We recently encountered an interesting new variant of our “old friend” Legacy Native (LeNa).

Executive Summary with texting the national pastime, text messages are cheap and unlimited plans abound.

Lookout has discovered a new Android Trojan that is repackaged in popular Android apps and distributed through app markets and forums serving Chinese-speaking users.

Lookout has identified Gamex, a new Android Trojan concealed in repackaged versions of legitimate applications that require root access to the phone.