7 Years of Scarlet Mimic’s Mobile Surveillance Campaign Targeting Uyghurs

September 22, 2022 1:10 pm

Introduction In 2022, Check Point Research (CPR) observed a new wave of a long-standing campaign targeting the Uyghur community, a Turkic ethnic group originating from Central Asia, one of the largest minority ethnic... Click to Read More

PixStealer: a new wave of Android banking Trojans abusing Accessibility Services

September 29, 2021 12:54 pm

Research by: Israel Wernik, Bohdan Melnykov Introduction By limiting physical interactions, the COVID-19 pandemic significantly accelerated the digitization of the banking industry to fulfill customer needs.  To cope with the demand, improve access... Click to Read More

Clast82 – A new Dropper on Google Play Dropping the AlienBot Banker and MRAT

March 9, 2021 2:00 pm

Research by: Aviran Hazum, Bohdan Melnykov, Israel Wernik Check Point Research (CPR) recently discovered a new Dropper spreading via the official Google Play store, which downloads and installs the AlienBot Banker and MRAT.... Click to Read More

Going Rogue- a Mastermind behind Android Malware Returns with a New RAT

January 12, 2021 1:49 pm

Research by: Aviran Hazum, Alex Shamshur, Raman Ladutska, Ohad Mana, Israel Wernik Introduction Now more than ever, we rely on our smartphones to keep in touch with our work, our families and the... Click to Read More

Vulnerability in Google Play Core Library Remains Unpatched in Google Play Applications

December 3, 2020 1:58 pm

Research by: Aviran Hazum, Jonathan Shimonovich Overview: A new vulnerability for the Google Play Core Library was published in late August, which allows Local-Code-Execution (LCE) within the scope of any application that has... Click to Read More

First seen in the wild – Malware uses Corporate MDM as attack vector

April 29, 2020 4:38 am

Research by: Aviran Hazum, Bogdan Melnykov, Chana Efrati, Danil Golubenko, Israel Wernik, Liav Kuperman, Ohad Mana Overview: Check Point researchers discovered a new Cerberus variant which is targeting a multinational conglomerate, and is... Click to Read More

Google Play Store Played Again – Tekya Clicker Hides in 24 Children’s Games and 32 Utility Apps

March 24, 2020 2:14 am

Research by Israel Wernik, Danil Golubenko , Aviran Hazum    Although Google has taken steps to secure its Play store and stop malicious activity, hackers are still finding ways to infiltrate the app store and access users’... Click to Read More

Android App Fraud – Haken Clicker and Joker Premium Dialer

February 21, 2020 3:00 am

Research by: Ohad Mana, Israel Wernik, Bogdan Melnykov, Aviran Hazum Intro Check Point researchers have recently discovered a new clicker malware family, along with fresh samples of the Joker malware family in Google Play.... Click to Read More

Hamas Android Malware On IDF Soldiers-This is How it Happened

February 16, 2020 6:18 am

Introduction: Earlier today, IDF’s spokesperson revealed that IDF (Israel Defense Force) and ISA (Israel Security Agency AKA “Shin Bet”) conducted a joint operation to take down a Hamas operation targeting IDF soldiers, dubbed... Click to Read More

Agent Smith: A New Species of Mobile Malware

July 10, 2019 5:58 am

  Research by: Aviran Hazum, Feixiang He, Inbal Marom, Bogdan Melnykov, Andrey Polkovnichenko   Check Point Researchers recently discovered a new variant of mobile malware that quietly infected around 25 million devices, while... Click to Read More

The NSO WhatsApp Vulnerability – This is How It Happened

May 14, 2019 10:57 am

  Earlier today the Financial Times published that there is a critical vulnerability in the popular WhatsApp messaging application and that it is actively being used to inject spyware into victims phones. According... Click to Read More

SimBad: A Rogue Adware Campaign On Google Play

March 13, 2019 6:22 am

Research by: Elena Root and Andrey Polkovnichenko   Check Point researchers from the Mobile Threat Team have discovered a new adware campaign on the Google Play Store. This particular strain of Adware was... Click to Read More

Operation Sheep: Pilfer-Analytics SDK in Action

March 13, 2019 6:22 am

Research by: Feixiang He, Andrey Polkovnichenko   Check Point Research has recently discovered a group of Android applications massively harvesting contact information on mobile phones without the user’s consent. The data stealing logic... Click to Read More

Zooming In On “Domestic Kitten”

October 23, 2018 7:29 am

  In recent years, Iran has been channeling significant resources into cyber warfare, devoting designated entities within multiple government agencies to conduct extensive espionage campaigns against foreign countries such as the United States,... Click to Read More

Domestic Kitten: An Iranian Surveillance Operation

September 7, 2018 6:03 am

  Chinese strategist Sun Tzu, Italian political philosopher Machiavelli and English philosopher Thomas Hobbes all justified deceit in war as a legitimate form of warfare. Preceding them all, however, were some in the... Click to Read More