Taking a Bite out of the Forbidden Fruit: Characterizing Third-Party Iranian IOS App Stores

Due to U.S. sanctions and strict internet censorship, Iranian iOS users are barred from accessing the Apple App Store and developer services. In response, despite violating Apple's developer terms, a thriving underground ecosystem of third-party iOS app stores has emerged to serve Iranian users...

FriendlyDealer mimics official app stores to push unvetted gambling apps

We’ve identified a huge social-engineering campaign designed to steer people into online gambling sites under the impression they’re installing a legitimate app. We’re calling it FriendlyDealer. It’s been observed across at least 1,500 domains, each hosting a website that impersonates the Google...

Regulators around the world are scrutinizing Grok over sexual deepfakes

Grok’s failure to block sexualized images of minors has turned a single “isolated lapse” into a global regulatory stress test for xAI’s ambitions. The response from lawmakers and regulators suggests this will not be solved with a quick apology and a hotfix. Last week we reported on Grok's apology...

Attack of the clones: Fake ChatGPT apps are everywhere

The mobile AI gold rush has flooded app stores with lookalikes—shiny, convincing apps promising “AI image generation,” “smart chat,” or “instant productivity.” But behind the flashy logos lurks a spectrum of fake apps, from harmless copycats to outright spyware. Spoofing trusted brands like...

Apple may have to open its walled garden to outside app stores

The UK’s Competition and Markets Authority CMA ruled that both Google and Apple have a "strategic market status." Basically, they have a monopoly over their respective mobile platforms. As a result, Apple may soon be required to allow rival app stores on iPhones—a major shift for the smartphone...

SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play

Update 25.06.2025: Apple removed the malicious app from the App Store. In January 2025, we uncovered the SparkCat spyware campaign, which was aimed at gaining access to victims' crypto wallets. The threat actor distributed apps containing a malicious SDK/framework. This component would wait for a...

TikTok facing fresh lawsuit in US over children’s privacy

The Federal Trade Commission FTC has announced its referred a complaint against TikTok and parent company ByteDance to the Department of Justice. The investigation originally focused on Musical.ly which was acquired by ByteDance on November 10, 2017, and merged it into TikTok. The FTC started a...

Arid Viper Targeting Arabic Android Users with Spyware Disguised as Dating App

The threat actor known as Arid Viper aka APT-C-23, Desert Falcon, or TAG-63 has been attributed as behind an Android spyware campaign targeting Arabic-speaking users with a counterfeit dating app designed to harvest data from infected handsets. "Arid Viper's Android malware has a number of featur...

Chinese APT Slid Fake Signal and Telegram Apps onto Official App Stores

By Habiba Rashid Key Findings Cybersecurity researchers have warned of fake Signal and Telegram apps that have been distributed through the… This is a post from HackRead.com Read the original post: Chinese APT Slid Fake Signal and Telegram Apps onto Official App Stores...

New MMRat Android Trojan Uses Fake App Stores for Bank Fraud

By Deeba Ahmed So far, the potent Android trojan MMRat has remained undetected on VirusTotal. This is a post from HackRead.com Read the original post: New MMRat Android Trojan Uses Fake App Stores for Bank Fraud...

Stealthy Android Malware MMRat Carries Out Bank Fraud Via Fake App Stores

The Trend Micro Mobile Application Reputation Service MARS team discovered a new, fully undetected Android banking trojan, dubbed MMRat, that has been targeting mobile users in Southeast Asia since late June 2023...

Banning TikTok

Congress is currently debating bills that would ban TikTok in the United States. We are here as technologists to tell you that this is a terrible idea and the side effects would be intolerable. Details matter. There are several ways Congress might ban TikTok, each with different efficacies and si...

A week in security (December 12 - 18)

Last week on Malwarebytes Labs: Indiana sues TikTok, describes it as "Chinese Trojan Horse" Iranian hacking group uses compromised email accounts to distribute MSP remote access tool Electronic Sales Suppression Tools are cooking the books Silence is golden partner for Truebot and Cl0p ransomware...

Is Apple about to embrace third-party app stores?

On Tuesday, Bloomberg reported that Apple is preparing to allow access to third-party app stores on all iPhone and iPad devices owned by EU users, in anticipation of a new EU competition law coming into force in mid-2024. If the reporting is correct, then in future users in the EU will no longer ...

Android Malware Campaign Leverages Money-Lending Apps to Blackmail Victims

A previously undocumented Android malware campaign has been observed leveraging money-lending apps to blackmail victims into paying up with personal information stolen from their devices. Mobile security company Zimperium dubbed the activity MoneyMonger, pointing out the use of the cross-platform...

Experts Uncover 85 Apps with 13 Million Downloads Involved in Ad Fraud Scheme

As many as 75 apps on Google Play and 10 on Apple App Store have been discovered engaging in ad fraud as part of an ongoing campaign that commenced in 2019. The latest iteration, dubbed Scylla by Online fraud-prevention firm HUMAN Security, follows similar attack waves in August 2019 and late 202...

WhatsApp warns users: Fake versions of WhatsApp are trying to steal your personal info

WhatsApp boss Will Cathcart is warning users of the popular messaging app to be on their guard after the WhatsApp Security Team discovered bogus apps packing a hidden punch in the form of malware. Outside the safety of the walled garden App stores do whatever they can to try and prevent bogus...

EFB Tampering. Holdover Time

TL;DR Holdover applications are a relatively new method of calculating the effectiveness of anti-icing fluid sprayed onto aircraft wings. Applications such as these have additional attack surfaces as the developer and source databases need to be considered Airlines often view limits as targets to...

TikTok is “unacceptable security risk” and should be removed from app stores, says FCC

Brendan Carr, the commissioner of the FCC Federal Communications Commission, called on the CEOs of Apple and Google to remove TikTok from their app stores. In a letter dated June 24, 2022, Carr told Tim Cook and Sundar Pichai that "TikTok poses an unacceptable national security risk due to its...

Me on App Store Monopolies and Security

There are two bills working their way through Congress that would force companies like Apple to allow competitive app stores. Apple hates this, since it would break its monopoly, and its making a variety of security arguments to bolster its argument. I have written a rebuttal: I would like to...