Results for android malware

Threat Research

Android Malware Targets Diabetic Patients

Read FortiGuard Labs' analysis of a recent android malware targeting diabetic patients.

By Axelle Apvrille January 31, 2020

Threat Research

FortiGuard Labs Weekly Threat Update – November 8, 2019

Learn about the cyber threats uncovered during the week of November 8, 2019, including the exploitation of the BlueKeep Vulnerability, SVG image attack vectors, and more.

By Jeannette Jarvis November 08, 2019

Threat Research

FunkyBot: A New Android Malware Family Targeting Japan

FortiGuard Labs has uncovered FunkyBot, a new android malware family targeting Japan. Read more about the packing mechanisms and deployed payload of FunkyBot.

By Dario DurandoSeptember 04, 2019

Threat Research

BianLian: A New Wave Emerges

The FortiGuard Labs team has encountered a new version of the BianLian malware family with new functionalities and unseen techniques to hide its true functionality. Read more about this breaking threat research.

By Dario DurandoJuly 03, 2019

Industry Trends

As the Holiday Season Draws Near, Mobile Malware Attacks Are Prevalent

Fortinet's quarterly Global Threat Landscape Report reveals threats are increasing and evolving to become more sophisticated. Unique threat variants and families are on the rise, while botnet infections continue to infect organizations.

By FortiGuard SE TeamNovember 14, 2018

Threat Research

How-to Guide: Defeating an Android Packer with FRIDA

FortiGuard Labs has encountered a lot of packed Android malware recently. One interesting aspect to this malware is that even though the packer being used is consistently the same, the malware that it drops changes quite frequently. In this blogpost we will demonstrate how to unpack the malware deployed by today’s most common dropper using only open-source free tools.

By Dario DurandoNovember 02, 2018

Threat Research

FakeSpy Comes Back. New Wave Hits Japan

FortiGuard Labs recently encountered malicious traffic traveling to a C2 server located in China. The connection was established by a domain using a name that closely resembled one of Japan’s most famous express post delivery services. Our analysis showed that the website making this connection is fake, and moreover, it is spreading an Android malware.

By Dario Durando, Evgeny AnaninOctober 02, 2018

Threat Research

An Android Package is no Longer a ZIP

Over the past few years, I have been giving workshops on Android reverse engineering - my next one will be an advanced session at Virus Bulletin in October. As with most other researchers on Android, I typically start off with a slide explaining that an Android Package (APK) is just a ZIP. Since Android 7.0, however, this is no longer true.

By Axelle ApvrilleAugust 23, 2018

Threat Research

Android/BondPath: a Mature Spyware

We have recently stumbled on several active samples of an Android spyware. They belong to a family we have named BondPath (also known as PathCall or Dingwe), which was first reported in May 2016. While our customers have been protected against that malware since 2016, in July 2018 we discovered that some samples are still in the wild and continue to be a threat to unprotected smartphones.

By Axelle ApvrilleAugust 23, 2018

Threat Research

Android Spyware Now Dropping Legit Apps?

Building on some previous research in the industry, FortiGuard Labs recently took a closer look at some Android malware impersonating the mobile version of the very popular game Fortnite.

By Dario DurandoJune 03, 2018