April 11, 2023
Pinduoduo, a large Chinese online retailer, recently had their app removed from both the Google Play Store and iOS App Store because of malicious activity in their app.
November 30, 2022
Researchers at Lookout have discovered close to 300 mobile loan applications on Google Play and the Apple App Store that exhibit predatory behavior.
September 12, 2022
Threat researchers discovered multiple Google Play listings for dropper apps which installed the infamous mobile banking trojan Sharkbot.
Lookout researchers have discovered a novel distribution of the Anubis Android banking malware masquerading as the telecommunications company Orange S.A.
The Alien mobile malware, which is a variant of Cerberus, joins the likes of Eventbot, Cerberus, and Anubis as well-known and highly customizable banking malware.
Mobile rooting malware found on Google Play, Amazon Appstore, and the Samsung Galaxy Store.
Security researchers at Lookout have identified a new rooting malware distributed on Google Play, the Amazon Appstore and the Samsung Galaxy Store.
Kaseya recently fell victim to a ransomware attack executed by the REvil group. In all, between 800 and 1,500 businesses down the chain were affected by this attack.
Dozens of crypto apps in the Play Store have scammed money from over 93,000 individuals
The Colonial Pipeline ransomware attack demonstrated how cybercrime groups exploit diminishing visibility, legacy security systems, and mobile devices to extort money.
A customizable Malware-as-a-Service banking trojan delivered through any app with messaging capabilities.
Novel Android surveillanceware developed by pro-India APT group Confucius targeting Pakistani officials
The Lookout Threat Intelligence team has discovered two novel Android surveillanceware – Hornbill and SunBird.
A blackmail and sextortion campaign targeting individual users on both iOS and Android
The Lookout Threat Intelligence team has discovered a new mobile app threat targeting iOS and Android users in Chinese speaking countries, Korea and Japan.
This is a variant of an existing mobile ransomware with novel techniques and behavior on Android devices.
The advertising SDK by Mintegral used in iOS apps had some risky permissions that could violate end-user privacy.
The Lookout Threat Intelligence team discovered four Android surveillanceware tools used to target the Uyghur ethnic minority group.
The Lookout Threat Intelligence team has discovered four Android surveillanceware tools used as part of a much larger mAPT (mobile advanced persistent threat).
Lookout conducted an in-depth analysis of the fake TikTok Pro app and has classified it as toll fraud malware.
Lookout researchers have uncovered a long-running surveillance campaign tied to Syrian nation-state actors.
LightSpy was the malware behind the Poisoned News watering hole campaign on iOS.
In April 2020, Lookout released findings on a long-running surveillanceware campaign with ties to Syrian nation-state actors.
The attackers behind this remote access trojan (RAT) attack used social engineering to target Israeli Defense Force (IDF) soldiers.
ToTok is a very popular chat app used in the Middle East that was discovered to be spying on all its users despite not having any nefarious permissions built into the app.
This malware can deploy second-stage malware payloads which can steal user login information, keylog, deploy ransomware, and bypass MFA with SMS interception.
AzSpy appeared to be part of a commercial Android spy platform, known as FullSpy, with a user login page to monitor infected devices.
Joker is a widely-used trojan that continues to appear in apps on the Google Play Store.
Monokle is an advanced and highly-targeted surveillanceware developed by Russian firm STC. It has a number of unique capabilities for stealing data from Android devices.
This is a family of applications that infects programs by adding its own components to a target Android Package (APK) without changing its digital signature.
BeiTaAd is a well-obfuscated advertising plug-in hidden within a number of popular applications in Google Play. Discover more about this mobile threat.
BeiTaAd is a well-obfuscated advertising plugin that forcibly displayed ads on the user’s lock screen, triggered video and audio advertisements even while the phone is asleep.
eSurvAgent is a sophisticated Android surveillanceware agent.
Lookout researchers have disabled DressCode, an Android malware family, with their click fraud business model and malware designed to evade detection in novel ways.
Lookout Security Intelligence has discovered Android and iOS surveillanceware tools targeting government officials, diplomats, military personnel, and activists.
Lookout researchers have identified a new, highly targeted surveillanceware family known as Desert Scorpion in the Google Play Store.
Lookout researchers discovered samples belonging to the ViperRAT malware family, a known mobile advanced persistent threat (mAPT), in the Google Play Store.
BancaMarStealer, also known as Marcher, is a malware family designed to phish a victim's banking (or other service) credentials.
Lookout and Electronic Frontier Foundation (EFF) have discovered Dark Caracal, a persistent and prolific actor running a global espionage campaign.
Lookout has discovered new variants of the SpyWaller surveillanceware with advanced espionage capabilities.
Lookout researchers have discovered a new mobile surveillanceware family, FrozenCell. The threat is likely targeting employees of various Palestinian agencies and facilities.
Lookout have identified a mobile trojan called xRAT with extensive data collection functionality and the ability to remotely run a suicide function to avoid detection.
Lookout Security Intelligence researchers discovered the spyware in Google Play and connected it to a known malicious actor potentially operating out of Iraq.
Lookout researchers have identified over a thousand spyware apps related to a threat actor likely based in Iraq. Discover more with Lookout today.
When WannaCry started disrupting business operations, mobile devices enabled some work to continue. However, the majority of businesses are unprepared for an attack on mobile.
Apple released an update to iOS (10.3) changing how Mobile Safari handles JavaScript pop-ups after Lookout discovered scammers using the functionality to execute scareware.
Using data collected from the Lookout global sensor network, the Lookout research team was able to gain unique visibility into the ViperRAT malware.
This is not actually a net new malware family, but rather it’s a variant of the family “Ghost Push,” a threat first discovered in 2014.
Lookout researchers have been tracking Android and iOS surveillanceware that can exfiltrate contacts, recordings, photos, & more. Discover what was found.
Shedun is trojanized adware that roots Android devices, masquerading as legitimate apps such as Facebook, Twitter, WhatsApp and Okta’s enterprise single sign-on app.
LevelDropper, an app in the Google Play Store that Lookout determined to be malicious, is the latest example of a new and persisting trend in mobile threats: autorooting malware.
Lookout recently identified an app called “Black Jack Free” in the Google Play store, which turned out to be a variant of the malware family Acecard.
With the help of the Lookout Security Cloud, we confirmed our suspicions that the author(s) behind the Brain Test malware had slipped additional malicious apps to Google Play.
In addition to rooting a victim’s device, Lookout observed Shedun abusing the Android Accessibility Service for its malicious means.
Recently, news broke about a concerning app called InstaAgent. The app connects to the victim’s Instagram account and steals the user’s login credentials.
Lookout protects you from XcodeGhost by automatically detecting and alerting you to the offending app. See how iOS users are being protected with Lookout.
Researchers recently found a piece of iOS malware called XcodeGhost in a number of apps in the Apple App Store. XcodeGhost is a piece of malware that can steal data
The recently revealed KeyRaider is yet another proof point that malicious actors are looking to tinker with iOS.