Articles by Vanja Svajcer

About Vanja Svajcer

Vanja is a Principal Virus Researcher in SophosLabs. He has been working for Sophos since 1998. His major interests include automated analysis systems, honeypots and malware for mobile devices. Vanja is always ready for a good discussion on various security topics.

A chink in Android Armour

AppArmorInstall250-2

SophosLabs process thousands of Android apps daily with many applications approaching the fine line between the completely legitimate and potentially unwanted applications.

Android Armour a premium priced security app was particularly well represented in the incoming stream of samples. Vanja Svajcer investigates why.

What is worse on Android? Malware or PUAs?

andropirate_170

Although the number of discovered malicious apps for Android is growing at an exponential rate, the actual reports from customer devices show that potentially unwanted apps (PUAs) are also causing problems.

Find and Call - is it *really* the first malware in the iOS App Store?

Find and Call - iOS malware?

The first malicious app in the iPhone app store!

That's what the headlines said. But is it really the case that "Find and Call" is malware?

Android malware spreads via Facebook [VIDEO]

Android malware spread via Facebook [VIDEO]

Android malware! On Facebook! Caught on camera!

If you're using Facebook on your Android smartphone, you should be just as careful clicking on links as you would (hopefully) be on a desktop computer.

Is Google Bouncer going to bounce all malware from the Android Market?

bouncer

Google has pleasantly surprised the mobile malware research community when it announced yesterday that Android apps are analysed for malicious behavior before being allowed onto the Android Market, but is it all good news? Vanja Svajcer, Sophos Principal Researcher, investigates.

Android Counterclank is (not) malware

Android Counterclank is (not) malware

Despite the stint of very cold weather in Europe, Android malware scene is warming up. Vanja Svajcer finds an intriguing case for the difference of opinions on the classification of certain Android apps present in Google Android market.

Malicious cloned games attack Google Android Market

Android market

A malicious developer has created copies of the most popular games on Google's Android Market and added code to send SMS messages to premium line numbers. The Android Market security team pulled the malicious apps from the market, but how many people do you think got stung before they were removed?

Adobe says goodbye to Flash for mobile platforms

flashplayer1

Adobe's decision to cease development of Flash Player for mobile platform removes a significant potential malware infection mechanism, primarily for Android as it is the most common mobile operating system supporting it.

SpyEye targeting Android users - just a copy of Zeus's strategy?

SpyEye

After the discovery an Android edition of the Zeus malware kit we did not have to wait long for a SpyEye Android release.

Vanja Ć vajcer, SophosLabs Principal Resarcher, investigates the differences.

First malware using Android Gingerbreak root exploit

gingerbreak-square

Gingermaster is the first Android malware to take advantage of a privilege escalation exploit against Android version 2.3, a.k.a. Gingerbread.

Unfortunately, many device vendors have not yet updated their devices with the latest OS patches.

Zeus for Android and fake Kaspersky Antivirus 2011

Android shot

The discovery of Android based SMS spyware related to Zeus toolkit raised a lot of interest in the anti-malware community.

The latest malware adopts the disguise of a Kaspersky anti-virus product.

Android malware spies on your SMS messages - but is it part of the Zeus family?

Android malware spies on your SMS messages

Has an Android version of the notorious Zeus malware family been discovered?

Plankton malware drifts into Android Market

plankton-thumb

SophosLabs expert Vanja Svajcer takes a closer look at the latest malware hitting the Android Market.

Android market affected by SMS Trojans

andropunk

Android Market has been hit by another malware incident when a number of SMS sending Trojans have been published by unknown attackers. The incident was not as serious as the one in March when over 50 apps were affected by the Droid Dream malware, although any attack affecting Android Market is serious.

Android malware against software piracy

Android malware against software piracy

A Trojan horse that attempts to protect developers of an Android app from piracy and punish users of cracked software has been discovered by SophosLabs. Vanja Svajcer investigates.

Fake Android Market Security tool delivers more than just a cure for Droid Dream malware

androidfeatured

Android malware writers are getting quite creative this month. This time they reacted quickly on the release of Google's Android Market Security tool and developed a fake version of the tool that delivers more than a cure for Droid Dream.

Aftermath of the Droid Dream Android Market malware attack

Aftermath of the Droid Dream Android Market malware attack

Android smartphone malware is making the news - after it managed to find its way into the official Android Market.

Sophos expert Vanja Svajcer takes a closer look.

New Android Market web store could open backdoor for phone hackers

android-market

The recently released web-based Android Market store raises some questions regarding security on your smartphone.

SophosLabs Principal Researcher Vanja Svajcer investigates the potential for using Android Market web store as a vehicle for spreading malware.

Hacker toolkits attracting volunteers to defend WikiLeaks

Low Orbit Ion Cannon

Principal SophosLabs researcher Vanja Svajcer investigates tools used in DDoS attacks coordinated by AnonOps group against major payment processing sites such as Visa, MasterCard and PayPal.

Croatian Facebook users targeted by a rogue Facebook app

Facebook Hacker Trojan Generator

Vanja Svajcer, a SophosLabs principal researcher, investigates to learn more about the recent "Love button" Facebook attack. Was it a work of an organised and skilled malware writing gang or just a successful attempt by a lonely script kiddie?