Lookout Blog

April 24, 2014

BadLepricon: Bitcoin gets the mobile malware treatment in Google Play

BadLepricon-Google-play-store

Your phone is running low on battery and it seems to be working harder than usual. Would you ever suspect that it was secretly mining Bitcoin for someone you don’t know?

Lookout found a piece of mobile malware in Google Play that quietly uses your phone’s processing power to create new coins. We call it BadLepricon, and yes, that is how the malware authors spelled “leprechaun.” We hope they were going for a clever play on the word “con.”

Read More

April 24, 2014

Introducing a new look for Lookout maps

We are excited to announce that starting today, Lookout will be using MapBox for all of our location services. This means that the map you see when you log into Lookout.com, as well as the maps you receive in Lookout emails, will look a little different moving forward (in a good way!). Here’s a sneak peek:

mapbox

If your device is ever lost or stolen, we want to make it as easy as possible for you to locate your missing device – and MapBox lets us do just that. These maps are accurate, easy to navigate and fully designed by the Lookout team to fit right in with your Lookout experience. To take them for a spin, just log into Lookout.com and locate your phone now!

April 18, 2014

Heartbleed + Android: A Not-So Love Story

Heartbleed is a big issue affecting both clients and servers, but as it pertains to Android device, the data is looking a lot more encouraging.

We gathered information from our Heartbleed Detector app, which will tell you if your Android device is affected by the Heartbleed vulnerability. We were happy to find that 96 percent of people who sent us their data were not vulnerable!

As expected, those in the vulnerable category had Android 4.1.1 installed on their phones. This was the same Android version Google explained was affected. However, we also saw some vulnerable devices running Android 4.2.2. This is likely due to custom versions of the operating system floating around.

Anyone with a vulnerable version of Android should look for an update to protect themselves. Otherwise, it’s up to your service providers to patch their systems. Get in touch with them and any company with which you have an online account.

Check out our data below for more information on how Heartbleed is affecting Android users.

Thank you to everyone who shared their data with us!



April 11, 2014

MouaBad: When your phone comes pre-loaded with malware

Usually you celebrate when a family gets bigger. But when it’s a family of malware that could come pre-loaded on your phone, no one wants to party.

MouaBad is a surreptitious little bugger with a number of variants malware authors are flashing onto phones’ headed to consumers firmware. This is a unique and risky distribution model, likely executed by a criminal who has inserted himself into the distribution chain.

Read More

April 9, 2014

Heartbleed Detector: Check If Your Android OS Is Vulnerable with Our App

lookout-heartbeat-detector

Monday, the world learned about a critical bug in OpenSSL called “Heartbleed.” It severely compromises the integrity of secure communications and there isn’t a whole lot consumers of the Internet can do to protect themselves.

But, of course, knowledge is power, so we’ve created the Heartbleed Detector, an app that will tell you if you’re running a vulnerable version of Android on your phone. While everyone has been talking about how Heartbleed affects servers and Internet infrastructure, it also affects mobile devices. Our detector app will help you figure out if your device is one of them.

You can download it here.

Read More

April 9, 2014

Heartbleed: A Note from Lookout

Remember that time a vulnerability left two-thirds of the Internet wide open to attack?

Yeah, that happened Monday.

The issue is called Heartbleed, a critical bug in “OpenSSL” — software which roughly two thirds of the Internet uses to keep connections secure.

Lookout’s main website was not affected by the vulnerability, however, some of Lookout’s other Internet-facing infrastructure was. We took care to protect our users as soon as possible, patching our systems within hours of the bug’s public release.

In short, Lookout users do not need to worry about this flaw, as they are already protected.

Read More

March 26, 2014

Bitcoin malware: Beware the digital pickpockets

bitcoin

Bitcoin is a global phenomenon that’s driving a 21st century gold rush.

As it stands, Bitcoin is an easy target. It is little regulated and is a desirable target at $600-$700 a coin. Since 2011 there have been more than 30 heists resulting in high-value thefts of thousands of coins — amounts that could surpass $1 billion at today’s prices.

Read More

March 26, 2014

CoinKrypt: How criminals use your phone to mine digital currency

Digital Currencies

In order to add to their stockpiles, criminals are getting really inefficient: turning phones into digital currency-mining bots.

We recently saw several versions of this malware family we call CoinKrypt, which is designed to hijack your phone in order to use it to mine digital currency for somebody else. So far we have only found CoinKrypt in Spanish forums dedicated to the distribution of pirated software.

Read More

March 25, 2014

Spring Cleaning: Your Phone Needs a Wipe Down, Too

Spring is officially here and while you might be cleaning out your closets, did you ever think you should clean out your phone?

You should.

We’ve put together a few best practices for making sure your phone (and the data on it) is safe.  Clear out those apps that make your phone look like an episode of Hoarders. Back up your photos. Get those settings in check!

Take a look at how to implement these tips and more in our guide below:

March 24, 2014

Quick Guide: Fun With Phone Security Settings for Your Android

I might be biased, but the best thing you can do for your phone is downloading Lookout on it. Who doesn’t love blocking mobile threats like Dendroid and being able to make your lost phone sound a loud alarm underneath the couch cushions?

But after you’ve done that, there’s still a ton of “fun” security settings on your Android to explore. And by “fun,” I mean “potentially confusing, but definitely important to understand.” So let’s make sense of a few of the most important settings you’ll see on 4.0 and above versions of Android.

image via PlaceIt

Read More