When malware plays pretend. [Research Saturday]

CyberWire Daily

N2K Networks, Inc.

Tech News, News, Daily News, Technology

4.8 • 1.1K Ratings

🗓️ 9 August 2025

⏱️ 22 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Nicolás Chiaraviglio, Chief Scientist from Zimperium's zLabs, joins to discuss their work on "Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed." Zimperium’s zLabs team has been tracking an evolving banker trojan dubbed DoubleTrouble, which has grown more sophisticated in both its distribution and capabilities. Initially spread via phishing sites impersonating European banks, it now uses malicious APKs hosted in Discord channels, and boasts features like screen recording, keylogging, UI overlays, and app blocking—all while heavily abusing Android’s Accessibility Services. Despite advanced obfuscation and dynamic evasion techniques, Zimperium’s on-device detection tools have successfully identified both known and previously unseen variants, helping protect users from credential theft, financial fraud, and device compromise. Complete our annual ⁠⁠audience survey⁠⁠ before August 31. The research can be found here: ⁠Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the Cyberwire Network, powered by N2K.
0:10.1	At TALIS, they know cybersecurity can be tough and you can't protect everything,
0:17.6	but with TALIS, you can secure what matters most.
0:23.2	With TALIS's industry-leading platforms, you can protect critical applications, data, and identities, anywhere and at scale with the highest
0:29.7	ROI. That's why the most trusted brands and largest banks, retailers, and healthcare companies in the
0:36.1	world rely on Talis to protect what matters most. Applications, retailers, and healthcare companies in the world rely on Talis to protect what matters most.
0:40.0	Applications, data, and identity.
0:42.6	That's Talis.
0:44.0	T-H-A-L-E-S.
0:45.8	Learn more at Talisgroup.com slash cyber.
0:50.0	Thank you. Hello, everyone, and welcome to the Cyberwires Research Saturday. I'm Dave Bittner, and this is our weekly conversation with researchers and analysts
1:11.6	tracking down the threats and vulnerabilities, solving some of the hard problems and protecting
1:16.6	ourselves in a rapidly evolving cyberspace.
1:19.6	Thanks for joining us.
1:26.6	We have a pretty B user base at the moment, and we have a pretty B user base at the moment and we have some malware detection systems
1:34.3	that are purely based in machine learning. We are constantly verifying samples that we are
1:41.3	detecting in the wild that are very different from things that
1:45.1	we've seen before.
1:46.1	So as part of that process, we found some samples that got our attention, and then we started
1:52.2	checking in public sources if we found similar samples.
1:57.7	That's Nicolas Charavilio.
2:00.2	He's chief scientist from Zimperium's Z-Labs.
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.