Improving Android Antivirus Efficacy Testing: Detection Upon Download
When performing Android antivirus 360° efficacy testing at MRG Effitas, we try to keep practicality for the everyday user in mind to ensure that the …
Read moreThe Smartphone Privacy Fallacy
When performing quarterly assessments of Android AVs and doing the necessary research to keep ourselves up-to-date, we keep an eye on the trends in mobile …
Read moreExploits: Detection is not enough
One of the most interesting and challenging parts of our 360° Protection Testing is the exploits/fileless test. Exploits are pieces of code that interact with …
Read moreAndroid Philosophy and its Effects on Malware
Why the nature and philosophy of Android make it the go-to platform for threat actors and why Android malware is on the rise.
Read moreAndroid AV vs. Third-Party App Stores
Introduction Recently, we have been working on some advanced Android malware and to test some ideas, we opted to create some custom samples. Our approach …
Read moreEncrypted exploit delivery – #IRONSQUIRREL
This research deals with the delivery of encrypted browser exploits to a victim’s browser. It is a follow-up post to some research I did 2 …
Read moreA Note on the War of Android AVs and Advanced Malware
Recently, we performed an in-depth analysis of multiple Android AV engines. We checked how they perform in scenarios where the users’ device has not yet …
Read moreCurrent state of malicious Powershell script blocking
The current state of malicious Powershell script blocking is bad, very bad. There is room for improvement … Only two products (among the tested ones) …
Read more