BouldSpy: Android Spyware Tied to Iranian Police Targets Minorities

Researchers at the Lookout Threat Lab have discovered a new Android surveillance tied to the Law Enforcement Command of the Islamic Republic of Iran (FARAJA).

Scammers Are Impersonating Singapore Post With Phishing Messages

Throughout 2022, threat actors have been masquerading as the postal service Singapore Post (SingPost) and one of Singapore’s leading telecommunications companies Singtel.

Lookout Discovers Hundreds of Predatory Loan Apps on App Stores

Researchers at Lookout Threat Lab have discovered close to 300 mobile loan applications on Google Play and the Apple App Store that exhibit predatory behavior.

Lookout Discovers Surveillance Campaigns Targeting Uyghurs

Researchers from Lookout Threat Lab have uncovered two new surveillance campaigns, BadBazaar and MOONSHINE, targeting Uyghurs in the People’s Republic of China and abroad.

Lookout Contributes to 2022 Verizon MSI With Security Insights

This year’s MSI is especially interesting, as it dives deeper into the interconnectivity that now exists between endpoint devices and cloud applications.

How to Stay Current with Changing Security Landscape

I spoke with Ramy Houssaini, Chief Cyber and Technology Risk Officer at BNP Paribas, about the challenges CISOs face in an increasingly complex digital landscape.

Lookout Uncovers Hermit Spyware Deployed in Kazakhstan

Lookout Threat Lab researchers have uncovered enterprise-grade Android surveillanceware used by the government of Kazakhstan within its borders.

3 Lessons from Confluence Server Vulnerability (CVE-2022-26134)

The vulnerability would allow an unauthenticated malicious actor to execute arbitrary code on a Confluence Server or Data Center instance that could grant full command.

Protect Your Cloud Data From Insider Threats

We often associate breaches with corporate espionage and advanced persistent threat groups, but often, data is leaked by an organization’s own employees.

What You Need To Know About the Banking Trojan Anubis

Lookout researchers have discovered a novel distribution of the Anubis Android banking malware masquerading as telecommunications company, Orange S.A.

Lookout Take Down Phishing Scams Targeting U.S. Military Families

Lookout Threat Lab researchers looking into phishing campaign that has actively targeted families of United States military personnel. Details inside.

Achieving Zero Trust? One Size Does Not Fit All

We discuss the opportunities and challenges mobile and cloud technologies have created with Art Ashmann, Staff EUC Solutions Engineer at VMware.

Rooting Malware Makes Comeback: Lookout Discovers Global Campaign

Security researchers at the Lookout Threat Labs have identified a new rooting malware distributed on Google Play, the Amazon Appstore and the Samsung Galaxy Store.

2021 Day of Shecurity Event Reignites Diversity in Cyber

The exponential growth in success illustrates the fact that the tech industry is determined to reverse the diversity trend and encourage more women to join the field.

When Legit Apps Turn Malicious. Hint: It Happens Often

A popular Android app Barcode Scanner was recently found to be infected with adware. After an update in late 2020, it started pushing advertising to users without warning.

Confucius APT Android Spyware Linked to India-Pakistan Conflict

The Lookout Threat Intelligence team has discovered two novel Android surveillanceware – Hornbill and SunBird.

What SolarWinds Teaches Us About Zero Trust for Mobile Endpoints

On 12/17/2020, CISA put out an alert about an advanced persistent threat (APT) that compromised a number of U.S. government agencies, tech companies and public facilities.

New Spyware Used by Sextortionists | iOS/Android Blackmail

The Lookout Threat Intelligence team has discovered a new mobile app threat targeting iOS and Android users in Chinese speaking countries, Korea and Japan.

Multiyear Surveillance Campaigns Discovered Targeting Uyghurs

The Lookout Threat Intelligence team has discovered four Android surveillanceware tools used as part of a much larger mAPT (mobile advanced persistent threat).

Nation-state Mobile Malware Targets Syrians with COVID-19 Lures

Lookout researchers have uncovered a long-running surveillance campaign tied to Syrian nation-state actors.

Phishing Attack Targeting UN Discovered by Lookout Phishing AI

Lookout Phishing AI has detected a mobile-aware phishing campaign targeting non-governmental organizations around the world, including UNICEF.

Q&A: A Candid Conversation With Women Working in Cybersecurity

In anticipation of the Day of Shecurity San Francisco, happening on October 11, we sat down with a few of our security intelligence engineers.

checkm8 IOS Vulnerability | Mobile Threat Defense Needs

Based on millions of iOS users that have installed Lookout and Lookout for Work apps, more than 80% of iPhones are vulnerable.

New Surveillanceware Developed by Russian Defence Contractor

Monokle is a new and sophisticated set of custom Android surveillanceware tools developed by the Russia-based company, Special Technology Centre, Ltd.

Adware "BeiTaAd" Found Hidden in Popular Applications

BeiTaAd is a well-obfuscated advertising plug-in hidden within a number of popular applications in Google Play. Discover more about this mobile threat.

Lookout Researchers Disable Android Malware

Lookout researchers have disabled DressCode, an Android malware family, with their click fraud business model and malware designed to evade detection in novel ways.

Lookout Discovers Phishing Site Targeting DNC

As reported in the media, Lookout has discovered a customer phishing kit targeted at the Democratic National Committee (DNC) via a third-party technology provider NGP VAN.

Stealth Mango and Tangelo | Surveillanceware Stealing Data

Lookout Security Intelligence has discovered Android and iOS surveillanceware tools targeting govt. officials, diplomats, military personnel, and activists.

5 Year Old Banking Trojan/Malware As a Service Booming

BancaMarStealer, also known as Marcher, is a malware family designed to phish a victim's banking (or other service) credentials.

Mobile Persistent Threat Actor Running Global Espionage Campaign

Lookout and Electronic Frontier Foundation (EFF) have discovered Dark Caracal, a persistent and prolific actor running a global espionage campaign.

Tropic Trooper Goes Mobile With Titan Surveillanceware

Learn about Titan, a family of sophisticated Android surveillanceware apps surfaced by Lookout's automated analysis that is linked to the same actors behind Tropic Trooper.

Mobile Vulnerabilities What They Are & How They Impact Enterprise

Mobile device vulnerabilities can have equally devastating consequences, including compliance fines and brand reputation loss.

FrozenCell: Multi-Platform Surveillance Against Palestinians

Lookout researchers have discovered a new mobile surveillanceware family, FrozenCell. The threat is likely targeting employees of various Palestinian agencies and facilities.

XRAT Malware Tied to "Xsser/MRAT" Surveillance

Lookout have identified a mobile trojan called xRAT with extensive data collection functionality and the ability to remotely run a suicide function to avoid detection.

Sideloaded Apps Demo: How ThirdParty Apps Can Leak Corporate Data

See this video to learn why enterprises should have visibility into sideloaded apps within their fleet of mobile devices.

How to Think About the Risks Facing Data From Mobility

The Spectrum of Mobile Risk research report and the Mobile Risk Matrix is designed to help security organizations understand the risks to enterprise data from mobility.

ViperRat - Mobile APT Targeting Israeli Defense Force

Using data collected from the Lookout global sensor network, the Lookout research team was able to gain unique visibility into the ViperRAT malware.

Privacy Zeitgeist

Lookout/ICM research shows that Brits are now hyper-vigilant about protecting the privacy of the data on their mobile phones.

Android Security Bulletin: A Year of Patches

One year into Google’s monthly patching for Android, the August 2016 bulletin contains 103 patches, just short of the high of 108 from last month.

Introducing the App Genome Project

Lookout App Genome Project was created to identify security threats in the wild and provide insight into how applications are accessing personal data

The House Always Wins: Takedown of Banking Trojan in Google Play

Lookout recently identified an app called “Black Jack Free” in the Google Play store, which turned out to be a variant of the malware family Acecard.

The New NotCompatible | Threat to Enterprise Networks

Over the past two years, Lookout has tracked the evolution of NotCompatible, which has set a new bar for mobile malware sophistication and operational complexity.

Just the Facts: Xsser mRAT iOS Malware

There has been a lot of alarm about Xsser mRAT, the iOS and while there might be some cause for concern, we wanted lay out the facts as we see them.

Mobile Mind Isn't Going To Be Profitable

Digital currency miners are a new trend in the mobile world including BadLepricon, CoinKrypt, Widdit, FreeLotto, and TokenCrypt. What are the threats?

Security Alert: SimpleTemai

Lookout discovered a mobile click fraud family dubbed “SimpleTemai.”

Security Alert: SpamSoldier

Lookout identified SpamSoldier, a spammer botnet agent that uses infected phones to send a barrage of SMS spam messages without the user's consent.

Our Thoughts on the Android Spam "Botnet"

Any traffic that is sent by the Yahoo! Mail Android app can easily be intercepted over an open network connection such as a public WiFi network.

Security Alert: Android Trojan GGTracker Charges Premium Rate SMS

Lookout has identified a new Android Trojan, GGTracker, which is automatically downloaded to a user’s phone after visiting a malicious webpage that imitates the Android Market

Security Alert: First Android SMS Trojan Found in the Wild

Lookout has pushed an over-the-air (OTA) update to automatically protect all Lookout Android users from this newly reported Trojan.

Security Alert: New Variants of Legacy Native (LeNa) Identified

We recently encountered an interesting new variant of our “old friend” Legacy Native (LeNa).

Security Alert: Shoot the Bulk Messenger

Executive Summary with texting the national pastime, text messages are cheap and unlimited plans abound.

Security Alert: HongTouTou, New Android Trojan, Found in China

Lookout has discovered a new Android Trojan that is repackaged in popular Android apps and distributed through app markets and forums serving Chinese-speaking users.

Gamex Trojan in Root-Required Apps Tricking Users into Downloads

Lookout has identified Gamex, a new Android Trojan concealed in repackaged versions of legitimate applications that require root access to the phone.

Energy Industry Threat Report

The energy industry is a prime target for attacks as mobile threats like phishing and app encounter rate is higher than other industries. Discover what these threats mean.

Telework Exposed to Heightened Mobile Risk

Lookout data reveals that U.S. government organizations are exposed to hundreds of vulnerabilities from outdated operating systems and risky apps which steal credentials.

The Pharmaceutical Threat Report

Access the Pharmaceutical Threat Report to better understand the risks mobile devices have introduced into your organization with Lookout today.

Financial Services Threat Report

Mobility and cloud apps are now a key component of how financial institutions operate. Read this report to better understand the risks your organization is exposed to.

SilkBean Technical Report

The Lookout Threat Intelligence team discovered four Android surveillanceware tools used to target the Uyghur ethnic minority group.

Technical Analysis of Pegasus Whitepaper

Read Lookout's investigation into this highly sophisticated espionage software. The attack takes advantage of how essential mobile devices in our lives.

iOS 15.7.5/iOS 16.4

Apple recently released two critical updates for iOS with heavy security implications. iOS 16.5 and iOS 15.7.6 patch a combined 56 issues.

Exynos Modems

Google Project Zero listed 18 vulnerabilities in Samsung Exynos modems produced by Samsung Semiconductor.

iOS 16.4

iOS 16.4.1 includes two critical fixes for two zero day vulnerabilities, CVE-2023-28206 and CVE-2023-28205, that have known exploits in the wild.

Pinduoduo App

Pinduoduo, a large Chinese online retailer, recently had their app removed from both the Google Play Store and iOS App Store because of malicious activity in their app.

iOS 16.3 Vulnerability Fixes

Apple recently released iOS 16.3.1, which includes a number of critical security fixes for vulnerabilities including CVE-2023-23514 and CVE-2023-23529.

iOS 16.1.1 and 16.1.2

Apple recently released two software updates with security fixes: iOS 16.1.2 and iOS 16.2.

Chrome 9th Zero Day | CVE-2022-4262

Google released an emergency patch for a new zero-day vulnerability tracked as CVE-2022-4262. The CVE is found in the V8 Javascript engine of Chromium

ChromeHeap | CVE-2022-4135

Google patched a new zero-day found in the GPU component of the Chromium open-source web browser causing a heap buffer overflow.

Samsung Devices | CVE-2021-25337/369/370

Google TAG under Project Zero revealed an active kill chain that exploits vulnerabilities in Samsung devices.

Chrome Zero Day | CVE-2022-3723

Google recently released a patch for a new zero-day vulnerability found in the Chromium open-source web browser project, which provides the codebase behind popular web browser

iOS 16 Zero Day

"Apple recently released a software update to iOS 16.1 and iPadOS 16 to patch a zero-day kernel vulnerability identified as CVE-2022- 42827"


Google released a patch for a new zero-day vulnerability found in the Chromium open-source web browser project, which provides the codebase behind some popular web browsers.

iOS 15.6.1 Zero-Day

Apple released a software update to iOS and iPadOS 15.6.1 to patch a zero-day kernel vulnerability identified as CVE-2022-32917.

Sharkbot V2

Threat researchers discovered multiple Google Play listings for dropper apps which installed the infamous mobile banking trojan Sharkbot.

iOS 15.6 Vulnerabilities

Apple released a software update to iOS and iPadOS 15.6 to patch two core zero-day vulnerabilities, CVE-2022-32894 (Kernel) and CVE-2022-32893 (Webkit).

iOS 15.5 Vulnerabilities

Apple released a software update to iOS and iPadOS 15.5 to patch 35 issues, including two critical vulnerabilities identified by Lookout which grant control of the device.

8 iOS & Android CVEs

CISA recently announced several exploitable mobile vulnerabilities that can affect both Android and iOS devices. They vary in severity and can be deployed in several ways.

CVE-2022-1633 – 1641

Researchers recently discovered and disclosed to Google nine vulnerabilities in Google Chrome for Android. The vulnerabilities are CVE-2022-1633 through CVE-2022-1641.


Google's Threat Analysis Group recently discovered and disclosed an exploitable vulnerability in Chromium, which is identified as CVE-2022-1364.

U.S. Federal Mobile Threats

Lookout analyzed its mobile security data to provide a view into the current mobile security risks facing US Federal government mobile users.

Productivity Suites Like Office 365 Are Vital to How Work Remotely

Lookout helps businesses scale mobile security as employees go remote.

How Manufacturers Can Mitigate Mobile Phishing Risks

From the inherent risks of cloud apps to the ongoing need to protect intellectual property and maintain industry compliance. Learn how to protect your manufacturing business.

Lookout + Google Cloud

Together, Lookout and Google ensure only trusted mobile devices have access to your sensitive data.

Lookout Discovery – Chinese Surveillanceware

Lookout is constantly discovering and researching new threats to protect and advise our customers

Lookout CCA + GSuite Continuous Conditional Access

Read the four mobile security insights CISOs must know to prepare for a strategic conversation with the CEO and board about reducing mobile risks.

The Four Biggest Threats to Financial Services

With mobile as a catalyst for digital transformation in financial services, organizations must secure all users, devices, apps, and data —from endpoints to the cloud.

Lookout Integrations and Alliances Overview

As the leading provider of mobile security, Lookout integrates with tools that help organizations benefit from unified security, visibility, and management of endpoints.

Nation State Mobile Surveillanceware Using Phishing To Con Victims

Lookout Security Intelligence has discovered a set of custom Android and iOS surveillanceware tools we’re respectively calling Stealth Mango and Tangelo.

Lookout App Security Assessment

A Lookout App Security Assessment report summarizes the relevant, actionable results of Lookout's machine intelligence and researcher-driven analyses.

Mobile Intelligence: Get Access to the World’s Largest Mobile Dataset

Lookout's Mobile Intelligence Center accelerates mobile threat investigations with real-time access to the world's largest mobile dataset.