On Android Philosophy and its Effects on Malware
We have spent some time in custom sample development, based on methods seen in the wild. During the countless hours of sitting in front of …
Read moreAndroid AV vs. Third-Party App Stores
Introduction Recently, we have been working on some advanced Android malware and to test some ideas, we opted to create some custom samples. Our approach …
Read moreEncrypted exploit delivery – #IRONSQUIRREL
This research deals with the delivery of encrypted browser exploits to a victim’s browser. It is a follow-up post to some research I did 2 …
Read moreA Note on the War of Android AVs and Advanced Malware
Recently, we performed an in-depth analysis of multiple Android AV engines. We checked how they perform in scenarios where the users’ device has not yet …
Read moreCurrent state of malicious Powershell script blocking
The current state of malicious Powershell script blocking is bad, very bad. There is room for improvement … Only two products (among the tested ones) …
Read moreWebroot SecureAnywhere Android AV coordinated disclosure
Researchers of MRG Effitas tested the Webroot SecureAnywhere Android application. During use, we came across implementation details, which might undermine the Vendor’s efforts to provide …
Read moreLimitations of Android AntiVirus Scanners
Recently, MRG Effitas have been involved in a test of Android based AV products. Having completed the test process, we realised that the general approach …
Read moreEternalRomance vs Internet Security Suites and nextgen protections
This blog post is an auxiliary post to our Eternalblue test. If you have not read that, please read it, and go back when it …
Read more