{"id":10664,"date":"2020-11-12T16:47:59","date_gmt":"2020-11-12T15:47:59","guid":{"rendered":"https:\/\/www.ikarussecurity.com\/uncategorized\/mobile-overlay-attacks-on-android\/"},"modified":"2023-10-25T13:49:44","modified_gmt":"2023-10-25T11:49:44","slug":"mobile-overlay-attacks-on-android","status":"publish","type":"post","link":"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/","title":{"rendered":"Mobile overlay attacks on Android"},"content":{"rendered":"<div id='av-layout-grid-1'  class='av-layout-grid-container av-10w0ne-83275210999af2721c3b7a850c3db44d entry-content-wrapper main_color av-flex-cells  avia-builder-el-0  el_before_av_layout_row  avia-builder-el-first   container_wrap fullsize'  >\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-jumkwvcm-51e084b814d6b4cc15f972273d333894\">\n.flex_cell.av-jumkwvcm-51e084b814d6b4cc15f972273d333894{\nvertical-align:middle;\nheight:200px;\nmin-height:200px;\nbackground-color:#ef5737;\n}\n.responsive #top #wrap_all .flex_cell.av-jumkwvcm-51e084b814d6b4cc15f972273d333894{\npadding:0px 0px 0px 0px !important;\n}\n<\/style>\n<div class='flex_cell av-jumkwvcm-51e084b814d6b4cc15f972273d333894 av-gridrow-cell av_one_half no_margin  avia-builder-el-1  el_before_av_cell_one_half  avia-builder-el-first  content-align-middle av-zero-padding avia-full-stretch'  ><div class='flex_cell_inner'><\/div><\/div>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-jumkxgop-c03b457ab9760610044e5d1acd2550fb\">\n.flex_cell.av-jumkxgop-c03b457ab9760610044e5d1acd2550fb{\nvertical-align:top;\nheight:200px;\nmin-height:200px;\nbackground-color:#d4310f;\n}\n.responsive #top #wrap_all .flex_cell.av-jumkxgop-c03b457ab9760610044e5d1acd2550fb{\npadding:80px 80px 80px 80px !important;\n}\n<\/style>\n<div class='flex_cell av-jumkxgop-c03b457ab9760610044e5d1acd2550fb av-gridrow-cell av_one_half no_margin  avia-builder-el-2  el_after_av_cell_one_half  avia-builder-el-last  content-align-top'  ><div class='flex_cell_inner'><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-av_heading-1e440734e10578e199c0dff880c1ecd5\">\n#top .av-special-heading.av-av_heading-1e440734e10578e199c0dff880c1ecd5{\npadding-bottom:25px;\ncolor:#ffffff;\nfont-size:34px;\n}\nbody .av-special-heading.av-av_heading-1e440734e10578e199c0dff880c1ecd5 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n#top #wrap_all .av-special-heading.av-av_heading-1e440734e10578e199c0dff880c1ecd5 .av-special-heading-tag{\nfont-size:34px;\n}\n.av-special-heading.av-av_heading-1e440734e10578e199c0dff880c1ecd5 .special-heading-inner-border{\nborder-color:#ffffff;\n}\n.av-special-heading.av-av_heading-1e440734e10578e199c0dff880c1ecd5 .av-subheading{\nfont-size:15px;\n}\n\n@media only screen and (min-width: 480px) and (max-width: 767px){ \n#top #wrap_all .av-special-heading.av-av_heading-1e440734e10578e199c0dff880c1ecd5 .av-special-heading-tag{\nfont-size:0.8em;\n}\n}\n\n@media only screen and (max-width: 479px){ \n#top #wrap_all .av-special-heading.av-av_heading-1e440734e10578e199c0dff880c1ecd5 .av-special-heading-tag{\nfont-size:0.8em;\n}\n}\n<\/style>\n<div  class='av-special-heading av-av_heading-1e440734e10578e199c0dff880c1ecd5 av-special-heading-h3 custom-color-heading blockquote modern-quote  avia-builder-el-3  el_before_av_textblock  avia-builder-el-first  av-inherit-size av-linked-heading'><h3 class='av-special-heading-tag '  itemprop=\"headline\"  >Mobile overlay attacks on Android<\/h3><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-jy8jdxp7-983734d01988575bbf4db06edb80baa4\">\n#top .av_textblock_section.av-jy8jdxp7-983734d01988575bbf4db06edb80baa4 .avia_textblock{\ncolor:#ffffff;\n}\n<\/style>\n<section  class='av_textblock_section av-jy8jdxp7-983734d01988575bbf4db06edb80baa4 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock av_inherit_color'  itemprop=\"text\" ><p>A short but deep insight into how malware works on Android &#8211; including expert tips and recommendations for securing your own apps<\/p>\n<p><em>by Tibor \u00c9li\u00e1s, Android malware analyst at IKARUS Security Software<\/em><\/p>\n<\/div><\/section><\/p>\n<\/div><\/div><\/div><div id='av-layout-grid-2'  class='av-layout-grid-container av-10w0ne-946d652e60d0b6ad208db73a875431fa entry-content-wrapper main_color av-fixed-cells  avia-builder-el-5  el_after_av_layout_row  el_before_av_textblock  grid-row-not-first  container_wrap fullsize'  >\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-jumkwvcm-fc18a87092e8af7528c955c2c816f0ec\">\n.flex_cell.av-jumkwvcm-fc18a87092e8af7528c955c2c816f0ec{\nvertical-align:top;\nbackground-color:#ac1502;\n}\n.responsive #top #wrap_all .flex_cell.av-jumkwvcm-fc18a87092e8af7528c955c2c816f0ec{\npadding:9px 0px 0px 0px !important;\n}\n<\/style>\n<div class='flex_cell av-jumkwvcm-fc18a87092e8af7528c955c2c816f0ec av-gridrow-cell av_one_half no_margin  avia-builder-el-6  el_before_av_cell_one_half  avia-builder-el-first  content-align-top'  ><div class='flex_cell_inner'><\/div><\/div>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-jumkxgop-6ecbab68d96b7185e8892d8f00fb18d0\">\n.flex_cell.av-jumkxgop-6ecbab68d96b7185e8892d8f00fb18d0{\nvertical-align:top;\nbackground-color:#ef5737;\n}\n.responsive #top #wrap_all .flex_cell.av-jumkxgop-6ecbab68d96b7185e8892d8f00fb18d0{\npadding:9px 0px 0px 0px !important;\n}\n<\/style>\n<div class='flex_cell av-jumkxgop-6ecbab68d96b7185e8892d8f00fb18d0 av-gridrow-cell av_one_half no_margin  avia-builder-el-7  el_after_av_cell_one_half  avia-builder-el-last  content-align-top'  ><div class='flex_cell_inner'><\/div><\/div>\n<\/div><div id='after_grid_row_2'  class='main_color av_default_container_wrap container_wrap fullsize'  ><div class='container av-section-cont-open' ><div class='template-page content  av-content-full alpha units'><div class='post-entry post-entry-type-page post-entry-10664'><div class='entry-content-wrapper clearfix'><\/p>\n<section  class='av_textblock_section av-jy8jdxp7-9ff79eb1cb6968faa664cfc107561678 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>Despite its increasing popularity among attackers, Android is a relatively secure system. However, even perfectly functioning apps, whose data is completely isolated, can be hijacked unnoticeably. So-called &#8220;overlay attacks&#8221; discreetly overlay legitimate applications and thus gain access to dangerous authorizations and sensitive data, e.g. from banking apps, messengers or browsers.<\/p>\n<\/div><\/section>\n<section  class='av_textblock_section av-jy8jdxp7-9ff79eb1cb6968faa664cfc107561678 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p><a href=\"#1\">1. Malicious Apps on Android<\/a><\/p>\n<p><a href=\"#2\">2. Various Overlay Techniques<\/a><br \/>\n<a href=\"#2-1\">2.1. Monitoring Activities of parallel applications<\/a><br \/>\n<a href=\"#2-2\">2.2 Overlaying Activity components<\/a><\/p>\n<p><a href=\"#3\">3 Simulated attack via SMS and an Attacker Website<\/a><br \/>\n<a href=\"#3-1\">3.1 FakeBank App<\/a><br \/>\n<a href=\"#3-2\">3.2 FakeBank Attacker Website<\/a><\/p>\n<p><a href=\"#4\">4. Defending against Overlay Attacks<\/a><\/p>\n<p><a href=\"#5\">5. Defending against Accessibility Service Abuse and Keylogging using a 3rd party keyboard<\/a><\/p>\n<p><a href=\"#6\">6. Defending against key logging Attacks<\/a><\/p>\n<p><a href=\"#7\">7. Frequently Asked Questions<\/a><\/p>\n<p><a href=\"#8\">8. References<\/a><\/p>\n<p><a href=\"#9\">9. Android Overlay Malware &#8211; FakeBankTransaction (YouTube)<\/a><\/p>\n<\/div><\/section>\n<section  class='av_textblock_section av-jy8jdxp7-9ff79eb1cb6968faa664cfc107561678 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3 id=\"1\">1. Malicious Apps on Android<\/h3>\n<p>Malicious Apps on Android tend to find novel approaches to exfiltrate data from their victims and elevate their privileges without the user knowing what is really happening on their device as they interact with the malicious App. Even when an App is perfectly functioning and its data is isolated from other Apps, there are still ways to bypass this security measure covertly.<\/p>\n<p>Utilizing various so-called overlay attacks, a malicious App can gain dangerous permissions and enable a bad actor to initiate for example illegal bank transfers. This is possible through already known vulnerabilities in the Android OS. These attacks involve engaging the UI feedback loop and the abuse of the Android API. This leads to information extraction from Apps such as high security Banking Apps, private messaging Apps or browser Apps.<\/p>\n<\/div><\/section>\n<section  class='av_textblock_section av-jy8jdxp7-9ff79eb1cb6968faa664cfc107561678 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3 id=\"2\">2. Various Overlay Techniques<\/h3>\n<ol>\n<li>Picking a victim application and finding out their package name<\/li>\n<li>Monitoring said application using various methods<\/li>\n<li>Hijacking hijacking the victim App by overlaying it at run time.<\/li>\n<\/ol>\n<div id=\"attachment_10245\" style=\"width: 1010px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-10245\" class=\"size-full wp-image-10246\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/Android-Overlay-Angriff.png\" alt=\"Android-Overlay-Angriff\" width=\"1000\" height=\"748\" srcset=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/Android-Overlay-Angriff.png 1000w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/Android-Overlay-Angriff-300x224.png 300w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/Android-Overlay-Angriff-768x574.png 768w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/Android-Overlay-Angriff-705x527.png 705w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/Android-Overlay-Angriff-450x337.png 450w\" sizes=\"auto, (max-width: 1000px) 100vw, 1000px\" \/><p id=\"caption-attachment-10245\" class=\"wp-caption-text\">Figure 1: Overview of an Overlay Attack against a benign Application on the Android OS<\/p><\/div>\n<\/div><\/section>\n<section  class='av_textblock_section av-jy8jdxp7-9ff79eb1cb6968faa664cfc107561678 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h4 id=\"2-1\">2.1 Monitoring Activities of parallel applications<\/h4>\n<p>In order for an overlay attack to become successful, it needs to be able to detect activities and tasks that are launched into the foreground. This technique involves monitoring other Apps (packages) on the target device. In order to find out what packages are currently running on the device, Android offers various helper classes. Throughout the years, these helpers became harder to use on newer APIs. Google did not want developers to monitor the activities of other running Apps on the device. Here\u2019s a short list of viable options:<\/p>\n<ul>\n<li>getRunningTasks() (available below Android 5.0)<\/li>\n<li>getRunningAppProcesses()<\/li>\n<li>UsageStatsManager<\/li>\n<li>Finding and monitoring the \/proc\/<pid>\/oom_score (pid &#8211; represents the process ID of the target package) file.<\/li>\n<li>Defining an android:TaskAffinity for the victim Apps package. This method is used by malware in the wild and it is known as the Strandhogg vulnerability. Apps that have their taskAffinities misconfigured can easily fall victim to these attacks.<\/li>\n<\/ul>\n<p>The following source code of and Android App makes use of some of these monitoring techniques: <a href=\"https:\/\/github.com\/geeksonsecurity\/android-overlay-protection\"><u>https:\/\/github.com\/geeksonsecurity\/android-overlay-protection<\/u><\/a><\/p>\n<\/div><\/section>\n<section  class='av_textblock_section av-jy8jdxp7-9ff79eb1cb6968faa664cfc107561678 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h4 id=\"2-2\">2.2 Overlaying Activity components<\/h4>\n<p>After the target foreground activity has appeared to the victim, the attacker has a couple of options to choose from to determine how they want to hijack the foreground activity. Here are couple of options that have been used by malware in the wild:<\/p>\n<ul>\n<li>Injecting a fragment object into the foreground Task<\/li>\n<li>FLAG_ACTIVITY_NEW_TASK in order to invoke an activity above the current one<br \/>\n<em>(This can be easily removed by the user using the back button.)<\/em><\/li>\n<li>Drawing a custom View as a SYSTEM_ALERT window on top of the foreground activity<br \/>\n<em>(These Views cannot be removed by the user even if they tap on the back button. This technique is also used by ransomware on Android devices in order to create surfaces that overlay the Launcher or even the lock screen and demand the victim to pay up.)<\/em><\/li>\n<\/ul>\n<\/div><\/section>\n<section  class='av_textblock_section av-jy8jdxp7-9ff79eb1cb6968faa664cfc107561678 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3 id=\"3\">3. Simulated attack via SMS and an Attacker Website<\/h3>\n<p>This attack involves sending a manipulative message via SMS to a user of a FakeBank App. The user\u2018s information such as the telephone number and connection to a bank institution was gained through means of social engineering and interaction with the Dark Web. The Dark Web tends to sell personal information such as telephone numbers and data that could be associated to bank customers.<\/p>\n<p>The attack process is as follows:<\/p>\n<ol>\n<li>Send an SMS to the telephone number that is associated to a FakeBank customer<\/li>\n<li>Inside the SMS, state a request to install an App from the attacker website formally and try to instigate urgency\n<p><div id=\"attachment_10250\" style=\"width: 774px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-10250\" class=\"size-full wp-image-10251\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank1.png\" alt=\"FakeBank\" width=\"764\" height=\"604\" srcset=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank1.png 764w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank1-300x237.png 300w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank1-705x557.png 705w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank1-450x356.png 450w\" sizes=\"auto, (max-width: 764px) 100vw, 764px\" \/><p id=\"caption-attachment-10250\" class=\"wp-caption-text\">Figure 2: SMS in German language to lure the user into installing an App on their device<\/p><\/div><\/li>\n<li>The SMS also instructs the user to visit a website and download the urgently needed security update.<\/li>\n<li>Once on the website the user may proceed to the dowload page by clicking on download. This step differs from attacks, which also ask for a telephone number and bank login credidentials before offering a download link. These websites also only let browser access them, which carry a certain User-Agent name. <img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-10253\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank2.png\" alt=\"fakebank\" width=\"365\" height=\"487\" srcset=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank2.png 365w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank2-225x300.png 225w\" sizes=\"auto, (max-width: 365px) 100vw, 365px\" \/><\/li>\n<li>Tapping on the download button will lead the user to the instructions page, which embeds a download button.\n<p><div id=\"attachment_10254\" style=\"width: 786px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-10254\" class=\"size-full wp-image-10255\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank3.png\" alt=\"FakeBank\" width=\"776\" height=\"2020\" srcset=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank3.png 776w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank3-115x300.png 115w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank3-396x1030.png 396w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank3-768x1999.png 768w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank3-590x1536.png 590w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank3-576x1500.png 576w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank3-271x705.png 271w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank3-384x999.png 384w\" sizes=\"auto, (max-width: 776px) 100vw, 776px\" \/><p id=\"caption-attachment-10254\" class=\"wp-caption-text\">Figure 4: The Download Page not only offers a download link but also instructions on how to install the downloaded App<\/p><\/div><\/li>\n<li>The text is very clear on instructing the user to turn off a very important security feature that prevents users from deliberately or accidently installing Apps from unknown sources.<\/li>\n<li>Finally, the user is to install the App from their download directory.<\/li>\n<\/ol>\n<\/div><\/section>\n<section  class='av_textblock_section av-jy8jdxp7-9ff79eb1cb6968faa664cfc107561678 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h4 id=\"3-1\">3.1 FakeBank App<\/h4>\n<p><em>FakeBank<\/em> is a banking App for Android smartphones. When it comes to Banking App features, it tries to approximate all-in-one Banking Apps that use mTANs over SMS to validate transactions. In addition to that, this App is able to simulate server-side bank transactions over HTTP.<\/p>\n<div id=\"attachment_10257\" style=\"width: 817px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-10257\" class=\"size-full wp-image-10258\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank4.png\" alt=\"FakeBank\" width=\"807\" height=\"1177\" srcset=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank4.png 807w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank4-206x300.png 206w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank4-706x1030.png 706w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank4-768x1120.png 768w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank4-483x705.png 483w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank4-450x656.png 450w\" sizes=\"auto, (max-width: 807px) 100vw, 807px\" \/><p id=\"caption-attachment-10257\" class=\"wp-caption-text\">Figure 5: FakeBank functions as a banking App, which provides services such as viewing recent transactions and initiating them.<\/p><\/div>\n<\/div><\/section>\n<section  class='av_textblock_section av-jy8jdxp7-9ff79eb1cb6968faa664cfc107561678 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h4 id=\"3-2\">3.2 FakeBank Attacker Website<\/h4>\n<p><em>FakeBank<\/em> <em>Attacker Website<\/em> is the website on which a malicious App (FakeBankCertificate.apk) is stored. Its purpose is to:<\/p>\n<ul>\n<li>Instruct the user to install the FakeBankCertificate.apk\n<ul>\n<li>Provide technical information on how to disable default security measures<\/li>\n<li>install the FakeBankCertificate.apk from the browser<\/li>\n<\/ul>\n<\/li>\n<li>Store the FakeBankCertificate.apk<\/li>\n<\/ul>\n<div id=\"attachment_10260\" style=\"width: 682px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank5.png\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-10260\" class=\"size-full wp-image-10261\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank5.png\" alt=\"FakeBank\" width=\"672\" height=\"642\" srcset=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank5.png 672w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank5-300x287.png 300w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank5-450x430.png 450w\" sizes=\"auto, (max-width: 672px) 100vw, 672px\" \/><\/a><p id=\"caption-attachment-10260\" class=\"wp-caption-text\">Figure 6: The FakeBank Site is an adversary server that provides a landing page as well as installation instructions and a download link<\/p><\/div>\n<h4>FakeBankCertificate-App<\/h4>\n<p>When installed this App will try to acquire dangerous permissions to carry out data exfiltration attacks such as:<\/p>\n<ul>\n<li>Reading keystrokes<\/li>\n<li>Overlaying login screens of specified Apps<\/li>\n<li>Reading text fields of specified Apps<\/li>\n<li>Changing the default SMS App read and forward their content to a C2 server<\/li>\n<\/ul>\n<p>All of these permissions are gained by overlaying important permission request dialogs and activities.<\/p>\n<div id=\"attachment_10263\" style=\"width: 818px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank6.png\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-10263\" class=\"size-full wp-image-10264\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank6.png\" alt=\"FakeBank\" width=\"808\" height=\"664\" srcset=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank6.png 808w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank6-300x247.png 300w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank6-768x631.png 768w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank6-705x579.png 705w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank6-450x370.png 450w\" sizes=\"auto, (max-width: 808px) 100vw, 808px\" \/><\/a><p id=\"caption-attachment-10263\" class=\"wp-caption-text\">Figure 7: FakeBankCertificate.apk is a malicious App that abuses the operating system to attack the FakeBank banking App<\/p><\/div>\n<\/div><\/section>\n<section  class='av_textblock_section av-jy8jdxp7-9ff79eb1cb6968faa664cfc107561678 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3 id=\"4\">4. Defending against Overlay Attacks<\/h3>\n<p>Sometimes it is essential that an application be able to verify that an action is being performed with the full knowledge and consent of the user, such as granting a permission request, making a purchase or clicking on an advertisement. Unfortunately, a malicious application could try to spoof the user into performing these actions, unaware, by concealing the intended purpose of the view. As a remedy, the Android framework offers a touch filtering mechanism that can be used to improve the security of views that provide access to sensitive functionality.<\/p>\n<p>To enable touch filtering, call <code><a href=\"https:\/\/developer.android.com\/reference\/android\/view\/View.html#setFilterTouchesWhenObscured(boolean)\">setFilterTouchesWhenObscured(boolean)<\/a><\/code> or set the <code>android:filterTouchesWhenObscured<\/code> layout attribute to true. When enabled, the framework will discard touches that are received whenever the view&#8217;s window is obscured by another visible window. As a result, the view will not receive touches whenever a toast, dialog or other window appears above the view&#8217;s window.<\/p>\n<p>Source: <a href=\"https:\/\/developer.android.com\/reference\/android\/view\/View\"><u>https:\/\/developer.android.com\/reference\/android\/view\/View<\/u><\/a> &#8211; Security<\/p>\n<\/div><\/section>\n<section  class='av_textblock_section av-jy8jdxp7-9ff79eb1cb6968faa664cfc107561678 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3 id=\"5\">5. Defending against Accessibility Service Abuse and Keylogging using a 3rd party keyboard<\/h3>\n<p>Banking Apps may provide their own implementation of the <code>TextEdit View<\/code> that don\u2019t subscribe to operating systems accessibility services the way the built in <code>TextEdit View<\/code> does. This way inputs into various text fields can be secured, while inputting sensitive information.<\/p>\n<p>Source: Vincent Haupert, Dominik Maier, Nicolas Schneider,Julian Kirsch, and Tilo M\u00fcller &#8211; The State of Android App Hardening: <a href=\"https:\/\/www1.cs.fau.de\/filepool\/projects\/nomorp\/nomorp-paper-dimva2018.pdf\"><u>https:\/\/www1.cs.fau.de\/filepool\/projects\/nomorp\/nomorp-paper-dimva2018.pdf<\/u><\/a><\/p>\n<\/div><\/section>\n<section  class='av_textblock_section av-jy8jdxp7-9ff79eb1cb6968faa664cfc107561678 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3 id=\"6\">6. Defending against key logging Attacks<\/h3>\n<p>Banking Apps sometimes provide their own custom made virtual keyboards to receive inputs. Banking Apps also have the ability to request the operating system to turn off screen captures on certain activities, such as in the case of entering a password or filling out a form.<\/p>\n<p>Source: Vincent Haupert, Dominik Maier, Nicolas Schneider, Julian Kirsch, and Tilo M\u00fcller &#8211; The State of Android App Hardening<strong>: <\/strong><a href=\"https:\/\/www1.cs.fau.de\/filepool\/projects\/nomorp\/nomorp-paper-dimva2018.pdf\"><u>https:\/\/www1.cs.fau.de\/filepool\/projects\/nomorp\/nomorp-paper-dimva2018.pdf<\/u><\/a><\/p>\n<\/div><\/section>\n<section  class='av_textblock_section av-jy8jdxp7-9ff79eb1cb6968faa664cfc107561678 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3 id=\"7\">7. Frequently Asked Questions<\/h3>\n<p><strong>Q: How is the user compelled to install the Fake Bank Certificate App?<\/strong><\/p>\n<p>A: The way the scam message (SMS or E-Mail) is formulated, the user will get a sense of emergency and importance to follow the carefully provided instructions and install the App regardless, the warning the operating system provides when the \u201cinstallation from unknown sources\u201d gets activated. Some banking Apps are used with a companion App, which is supposed to provide a more a secure way of communicating with the bank and providing a so called \u201c2nd App verification\u201d. Knowing this, the user might not find the Fake Bank Certificate companion App suspicious the first time they install it.<\/p>\n<p><strong>Q: How come the hacker is able to change the transaction details such as the recipient IBAN, Name, amount to send and even the reference of transaction?<\/strong><\/p>\n<p>A: Not all banks verify all details of a transaction. In our short demo, the server only verified the sender\u2019s IBAN, Name and the corresponding mTAN. In a real scenario, the attacker has the ability to request a new bank transaction and use the corresponding mTAN, which is captured from the victim\u2019s device, to verify and finalize the transaction.<\/p>\n<p><strong>Q: Aren\u2019t banks capable of reverting transactions? Can\u2019t they just identify the transaction and undo it?<\/strong><\/p>\n<p>A: Yes, Banks might do so. Thanks to their centralized infrastructure. Unfortunately, cyber criminals do not work alone and they expect this to happen. The way they go around this security measure is to send a \u201cmoney mule\u201d <em>(Money Mule &#8211; a person who is tasked to receive cash from ATM machines)<\/em> to an ATM machine on the streets and let him take out the stolen amount in cash.<\/p>\n<\/div><\/section>\n<section  class='av_textblock_section av-jy8jdxp7-9ff79eb1cb6968faa664cfc107561678 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3>8. References<\/h3>\n<ul>\n<li><a href=\"http:\/\/www.s3.eurecom.fr\/~yanick\/publications\/2017_oakland_cloakanddagger.pdf\">http:\/\/www.s3.eurecom.fr\/~yanick\/publications\/2017_oakland_cloakanddagger.pdf<\/a><\/li>\n<li><a href=\"https:\/\/researchcenter.paloaltonetworks.com\/2017\/09\/unit42-android-toast-overlay-attack-cloak-and-dagger-with-no-permissions\/\">https:\/\/researchcenter.paloaltonetworks.com\/2017\/09\/unit42-android-toast-overlay-attack-cloak-and-dagger-with-no-permissions\/<\/a><\/li>\n<li><a href=\"https:\/\/www.threatfabric.com\/blogs\/exobot_android_banking_trojan_on_the_rise.html\">https:\/\/www.threatfabric.com\/blogs\/exobot_android_banking_trojan_on_the_rise.html<\/a><\/li>\n<li><a href=\"https:\/\/www.threatfabric.com\/blogs\/mysterybot__a_new_android_banking_trojan_ready_for_android_7_and_8.html\">https:\/\/www.threatfabric.com\/blogs\/mysterybot__a_new_android_banking_trojan_ready_for_android_7_and_8.html<\/a><\/li>\n<\/ul>\n<\/div><\/section>\n<section  class='av_textblock_section av-jy8jdxp7-9ff79eb1cb6968faa664cfc107561678 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3 id=\"9\">9. Android Overlay Malware &#8211; FakeBankTransaction (YouTube)<\/h3>\n<p>Visite also our clip on YouTube<strong><br \/>\n<\/strong><\/p>\n<p><iframe loading=\"lazy\" src=\"https:\/\/www.youtube.com\/embed\/a2Y47TV330Y\" width=\"560\" height=\"315\" frameborder=\"0\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<\/div><\/section>\n<div  data-slideshow-options=\"{&quot;animation&quot;:&quot;fade&quot;,&quot;autoplay&quot;:false,&quot;loop_autoplay&quot;:&quot;once&quot;,&quot;interval&quot;:&quot;5&quot;,&quot;loop_manual&quot;:&quot;manual-endless&quot;,&quot;autoplay_stopper&quot;:false,&quot;noNavigation&quot;:false,&quot;show_slide_delay&quot;:90}\" class='avia-content-slider avia-content-slider-active avia-content-slider1 avia-content-slider-even  avia-builder-el-23  el_after_av_textblock  avia-builder-el-last  av-slideshow-ui av-control-default   av-no-slider-navigation av-slideshow-manual av-loop-once av-loop-manual-endless '  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Blog\" ><div class=\"avia-content-slider-inner\"><div class=\"slide-entry-wrap\"><article class='slide-entry flex_column  post-entry post-entry-44708 slide-entry-overview slide-loop-1 slide-parity-odd  av_one_fourth first real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/cyber-threats-in-europe\/' data-rel='slide-1' class='slide-image' title='Cyber Threats in Europe'><img decoding=\"async\" fetchpriority=\"high\" width=\"260\" height=\"185\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2026\/03\/ENISA-Threat-Landscape-Report-2025--260x185.png\" class=\"wp-image-44704 avia-img-lazy-loading-not-44704 attachment-portfolio_small size-portfolio_small wp-post-image\" alt=\"ENISA Threat Landscape Report 2025\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: Cyber Threats in Europe\"><h3 class='slide-entry-title entry-title '  itemprop=\"headline\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/cyber-threats-in-europe\/' title='Cyber Threats in Europe'>Cyber Threats in Europe<\/a><\/h3><span class=\"av-vertical-delimiter\"><\/span><\/header><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2026-03-10T10:49:24+01:00\" >10. March 2026<\/time><\/div><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >\n\n\n\n\n\n\n\n\n\n\n\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2026\/03\/ENISA-Threat-Landscape-Report-2025-.png<\/span>\n\t\t\t\t\t\t<span itemprop='height'>424<\/span>\n\t\t\t\t\t\t<span itemprop='width'>300<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>IKARUS<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2026\/02\/IKARUS-Security-Logo-2.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>IKARUS<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2020-11-12T16:47:59+01:00\" >2026-03-10 10:49:24<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2026-03-10 11:06:01<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>Cyber Threats in Europe<\/span><\/span><\/span><\/article><article class='slide-entry flex_column  post-entry post-entry-43212 slide-entry-overview slide-loop-2 slide-parity-even  av_one_fourth  real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/the-interaction-between-firewall-and-email-security\/' data-rel='slide-1' class='slide-image' title='The Interaction Between Firewall and Email Security'><img decoding=\"async\" fetchpriority=\"high\" width=\"260\" height=\"185\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/10\/mail-security-firewall-260x185.jpg\" class=\"wp-image-43202 avia-img-lazy-loading-not-43202 attachment-portfolio_small size-portfolio_small wp-post-image\" alt=\"Zusammenspiel von Firewall und E-Mail Security\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: The Interaction Between Firewall and Email Security\"><h3 class='slide-entry-title entry-title '  itemprop=\"headline\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/the-interaction-between-firewall-and-email-security\/' title='The Interaction Between Firewall and Email Security'>The Interaction Between Firewall and Email Security<\/a><\/h3><span class=\"av-vertical-delimiter\"><\/span><\/header><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2025-10-06T16:04:08+02:00\" >6. October 2025<\/time><\/div><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >\n\n\n\n\n\n\n\n\n\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/10\/mail-security-firewall.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>400<\/span>\n\t\t\t\t\t\t<span itemprop='width'>600<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>IKARUS<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2026\/02\/IKARUS-Security-Logo-2.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>IKARUS<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2020-11-12T16:47:59+01:00\" >2025-10-06 16:04:08<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-10-06 16:04:08<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>The Interaction Between Firewall and Email Security<\/span><\/span><\/span><\/article><article class='slide-entry flex_column  post-entry post-entry-42542 slide-entry-overview slide-loop-3 slide-parity-odd  av_one_fourth  real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/watering-hole-attacks-how-they-work-the-risks-and-protection-strategies\/' data-rel='slide-1' class='slide-image' title='Watering Hole Attacks: How They Work, the Risks, and Protection Strategies'><img decoding=\"async\" fetchpriority=\"high\" width=\"260\" height=\"185\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/08\/WildeTiere-Wasserloch-600-260x185.jpg\" class=\"wp-image-42537 avia-img-lazy-loading-not-42537 attachment-portfolio_small size-portfolio_small wp-post-image\" alt=\"Watering Hole Attacks\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: Watering Hole Attacks: How They Work, the Risks, and Protection Strategies\"><h3 class='slide-entry-title entry-title '  itemprop=\"headline\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/watering-hole-attacks-how-they-work-the-risks-and-protection-strategies\/' title='Watering Hole Attacks: How They Work, the Risks, and Protection Strategies'>Watering Hole Attacks: How They Work, the Risks, and Protection Strategies<\/a><\/h3><span class=\"av-vertical-delimiter\"><\/span><\/header><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2025-08-13T11:17:17+02:00\" >13. August 2025<\/time><\/div><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >\n\n\n\n\n\n\n\n\n\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/08\/WildeTiere-Wasserloch-600.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>400<\/span>\n\t\t\t\t\t\t<span itemprop='width'>600<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>IKARUS<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2026\/02\/IKARUS-Security-Logo-2.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>IKARUS<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2020-11-12T16:47:59+01:00\" >2025-08-13 11:17:17<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-08-13 11:17:19<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>Watering Hole Attacks: How They Work, the Risks, and Protection Strategies<\/span><\/span><\/span><\/article><article class='slide-entry flex_column  post-entry post-entry-42354 slide-entry-overview slide-loop-4 slide-parity-even  av_one_fourth  real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/legacy-systems-how-outdated-hardware-and-software-threaten-corporate-security\/' data-rel='slide-1' class='slide-image' title='Legacy Systems: How Outdated Hardware and Software Threaten Corporate Security'><img decoding=\"async\" fetchpriority=\"high\" width=\"260\" height=\"185\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/07\/Computerhardware-aus-den-80ern-auf-einem-Mistplatz-260x185.jpg\" class=\"wp-image-42458 avia-img-lazy-loading-not-42458 attachment-portfolio_small size-portfolio_small wp-post-image\" alt=\"Legacy Systems\" srcset=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/07\/Computerhardware-aus-den-80ern-auf-einem-Mistplatz-260x185.jpg 260w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/07\/Computerhardware-aus-den-80ern-auf-einem-Mistplatz-600x430.jpg 600w\" sizes=\"(max-width: 260px) 100vw, 260px\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: Legacy Systems: How Outdated Hardware and Software Threaten Corporate Security\"><h3 class='slide-entry-title entry-title '  itemprop=\"headline\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/legacy-systems-how-outdated-hardware-and-software-threaten-corporate-security\/' title='Legacy Systems: How Outdated Hardware and Software Threaten Corporate Security'>Legacy Systems: How Outdated Hardware and Software Threaten Corporate Security<\/a><\/h3><span class=\"av-vertical-delimiter\"><\/span><\/header><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2025-07-24T13:18:21+02:00\" >24. July 2025<\/time><\/div><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/07\/Computerhardware-aus-den-80ern-auf-einem-Mistplatz.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>467<\/span>\n\t\t\t\t\t\t<span itemprop='width'>600<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>IKARUS<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2026\/02\/IKARUS-Security-Logo-2.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>IKARUS<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2020-11-12T16:47:59+01:00\" >2025-07-24 13:18:21<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-07-29 11:09:50<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>Legacy Systems: How Outdated Hardware and Software Threaten Corporate Security<\/span><\/span><\/span><\/article><\/div><div class=\"slide-entry-wrap\"><article class='slide-entry flex_column  post-entry post-entry-42269 slide-entry-overview slide-loop-5 slide-parity-odd  av_one_fourth first real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/zero-day-vulnerability-in-windows-shortcuts\/' data-rel='slide-1' class='slide-image' title='Zero-Day Vulnerability in Windows Shortcuts'><img decoding=\"async\" fetchpriority=\"high\" width=\"260\" height=\"185\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/07\/Windows-Zero-Day-260x185.jpg\" class=\"wp-image-42264 avia-img-lazy-loading-not-42264 attachment-portfolio_small size-portfolio_small wp-post-image\" alt=\"Windows Zero-Day Vulnerability\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: Zero-Day Vulnerability in Windows Shortcuts\"><h3 class='slide-entry-title entry-title '  itemprop=\"headline\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/zero-day-vulnerability-in-windows-shortcuts\/' title='Zero-Day Vulnerability in Windows Shortcuts'>Zero-Day Vulnerability in Windows Shortcuts<\/a><\/h3><span class=\"av-vertical-delimiter\"><\/span><\/header><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2025-07-10T13:23:13+02:00\" >10. July 2025<\/time><\/div><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >\n\n\n\n\n\n\n\n\n\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/07\/Windows-Zero-Day.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>607<\/span>\n\t\t\t\t\t\t<span itemprop='width'>800<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>IKARUS<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2026\/02\/IKARUS-Security-Logo-2.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>IKARUS<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2020-11-12T16:47:59+01:00\" >2025-07-10 13:23:13<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-07-10 13:23:15<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>Zero-Day Vulnerability in Windows Shortcuts<\/span><\/span><\/span><\/article><article class='slide-entry flex_column  post-entry post-entry-41786 slide-entry-overview slide-loop-6 slide-parity-even  av_one_fourth  real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/owasp-top-10-for-llms-new-security-challenges-due-to-ai\/' data-rel='slide-1' class='slide-image' title='OWASP Top 10 for LLMs: New Security Challenges due to AI'><img decoding=\"async\" fetchpriority=\"high\" width=\"260\" height=\"166\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/06\/OWASP-Top-10-260x166.jpg\" class=\"wp-image-41783 avia-img-lazy-loading-not-41783 attachment-portfolio_small size-portfolio_small wp-post-image\" alt=\"OWASP Top 10 f\u00fcr LLMs\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: OWASP Top 10 for LLMs: New Security Challenges due to AI\"><h3 class='slide-entry-title entry-title '  itemprop=\"headline\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/owasp-top-10-for-llms-new-security-challenges-due-to-ai\/' title='OWASP Top 10 for LLMs: New Security Challenges due to AI'>OWASP Top 10 for LLMs: New Security Challenges due to AI<\/a><\/h3><span class=\"av-vertical-delimiter\"><\/span><\/header><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2025-06-18T14:37:55+02:00\" >18. June 2025<\/time><\/div><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >\n\n\n\n\n\n\n\n\n\n\n\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/06\/OWASP-Top-10.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>166<\/span>\n\t\t\t\t\t\t<span itemprop='width'>304<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>IKARUS<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2026\/02\/IKARUS-Security-Logo-2.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>IKARUS<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2020-11-12T16:47:59+01:00\" >2025-06-18 14:37:55<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-06-20 11:03:57<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>OWASP Top 10 for LLMs: New Security Challenges due to AI<\/span><\/span><\/span><\/article><article class='slide-entry flex_column  post-entry post-entry-41615 slide-entry-overview slide-loop-7 slide-parity-odd  av_one_fourth  real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/ikarus-malware-scanner-now-part-of-heise-desinfect\/' data-rel='slide-1' class='slide-image' title='IKARUS malware.scanner now part of Heise Desinfec\u2019t'><img decoding=\"async\" fetchpriority=\"high\" width=\"260\" height=\"185\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/06\/Desinfect2025-260x185.png\" class=\"wp-image-41634 avia-img-lazy-loading-not-41634 attachment-portfolio_small size-portfolio_small wp-post-image\" alt=\"\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: IKARUS malware.scanner now part of Heise Desinfec\u2019t\"><h3 class='slide-entry-title entry-title '  itemprop=\"headline\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/ikarus-malware-scanner-now-part-of-heise-desinfect\/' title='IKARUS malware.scanner now part of Heise Desinfec\u2019t'>IKARUS malware.scanner now part of Heise Desinfec\u2019t<\/a><\/h3><span class=\"av-vertical-delimiter\"><\/span><\/header><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2025-06-11T15:03:11+02:00\" >11. June 2025<\/time><\/div><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >\n\n\n\n\n\n\n\n\n\n\n\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/06\/Desinfect2025.png<\/span>\n\t\t\t\t\t\t<span itemprop='height'>524<\/span>\n\t\t\t\t\t\t<span itemprop='width'>971<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>IKARUS<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2026\/02\/IKARUS-Security-Logo-2.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>IKARUS<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2020-11-12T16:47:59+01:00\" >2025-06-11 15:03:11<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-06-20 11:05:43<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>IKARUS malware.scanner now part of Heise Desinfec\u2019t<\/span><\/span><\/span><\/article><article class='slide-entry flex_column  post-entry post-entry-41179 slide-entry-overview slide-loop-8 slide-parity-even  av_one_fourth  real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/microsoft-enforces-dmarc-new-delivery-rules-for-high-volume-outlook-emails\/' data-rel='slide-1' class='slide-image' title='Microsoft enforces DMARC: new delivery rules for high-volume Outlook emails'><img decoding=\"async\" fetchpriority=\"high\" width=\"260\" height=\"185\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/05\/e-Mail-Laptop-600-260x185.jpg\" class=\"wp-image-41170 avia-img-lazy-loading-not-41170 attachment-portfolio_small size-portfolio_small wp-post-image\" alt=\"Microsoft erzwingt DMARC\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: Microsoft enforces DMARC: new delivery rules for high-volume Outlook emails\"><h3 class='slide-entry-title entry-title '  itemprop=\"headline\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/microsoft-enforces-dmarc-new-delivery-rules-for-high-volume-outlook-emails\/' title='Microsoft enforces DMARC: new delivery rules for high-volume Outlook emails'>Microsoft enforces DMARC: new delivery rules for high-volume Outlook emails<\/a><\/h3><span class=\"av-vertical-delimiter\"><\/span><\/header><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2025-05-06T11:22:27+02:00\" >6. May 2025<\/time><\/div><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >\n\n\n\n\n\n\n\n\n\n\n\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/05\/e-Mail-Laptop-600.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>300<\/span>\n\t\t\t\t\t\t<span itemprop='width'>600<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>IKARUS<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2026\/02\/IKARUS-Security-Logo-2.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>IKARUS<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2020-11-12T16:47:59+01:00\" >2025-05-06 11:22:27<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-06-20 11:06:47<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>Microsoft enforces DMARC: new delivery rules for high-volume Outlook emails<\/span><\/span><\/span><\/article><\/div><div class=\"slide-entry-wrap\"><article class='slide-entry flex_column  post-entry post-entry-41023 slide-entry-overview slide-loop-9 slide-parity-odd  av_one_fourth first real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/information-disclosure-vulnerabilities\/' data-rel='slide-1' class='slide-image' title='Information Disclosure Vulnerabilities'><img decoding=\"async\" fetchpriority=\"high\" width=\"260\" height=\"185\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/04\/Information-Disclosure-Vulnerabilities-260x185.jpg\" class=\"wp-image-42452 avia-img-lazy-loading-not-42452 attachment-portfolio_small size-portfolio_small wp-post-image\" alt=\"Information Disclosure Vulnerabilities\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: Information Disclosure Vulnerabilities\"><h3 class='slide-entry-title entry-title '  itemprop=\"headline\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/information-disclosure-vulnerabilities\/' title='Information Disclosure Vulnerabilities'>Information Disclosure Vulnerabilities<\/a><\/h3><span class=\"av-vertical-delimiter\"><\/span><\/header><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2025-04-25T11:27:29+02:00\" >25. April 2025<\/time><\/div><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/04\/Information-Disclosure-Vulnerabilities.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>448<\/span>\n\t\t\t\t\t\t<span itemprop='width'>576<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>IKARUS<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2026\/02\/IKARUS-Security-Logo-2.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>IKARUS<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2020-11-12T16:47:59+01:00\" >2025-04-25 11:27:29<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-07-29 11:01:20<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>Information Disclosure Vulnerabilities<\/span><\/span><\/span><\/article><article class='slide-entry flex_column  post-entry post-entry-40317 slide-entry-overview slide-loop-10 slide-parity-even  av_one_fourth  real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/why-post-quantum-algorithms-are-essential\/' data-rel='slide-1' class='slide-image' title='Why post-quantum algorithms are essential'><img decoding=\"async\" fetchpriority=\"high\" width=\"260\" height=\"185\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/03\/data-protection-260x185.jpg\" class=\"wp-image-40313 avia-img-lazy-loading-not-40313 attachment-portfolio_small size-portfolio_small wp-post-image\" alt=\"data protection\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: Why post-quantum algorithms are essential\"><h3 class='slide-entry-title entry-title '  itemprop=\"headline\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/why-post-quantum-algorithms-are-essential\/' title='Why post-quantum algorithms are essential'>Why post-quantum algorithms are essential<\/a><\/h3><span class=\"av-vertical-delimiter\"><\/span><\/header><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2025-03-21T11:16:44+01:00\" >21. March 2025<\/time><\/div><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >\n\n\n\n\n\n\n\n\n\n\n\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/03\/data-protection.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>378<\/span>\n\t\t\t\t\t\t<span itemprop='width'>600<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>IKARUS<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2026\/02\/IKARUS-Security-Logo-2.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>IKARUS<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2020-11-12T16:47:59+01:00\" >2025-03-21 11:16:44<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-06-20 11:09:51<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>Why post-quantum algorithms are essential<\/span><\/span><\/span><\/article><article class='slide-entry flex_column  post-entry post-entry-39223 slide-entry-overview slide-loop-11 slide-parity-odd  av_one_fourth  real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/hacktivism-ethical-hacking-and-grey-hats-between-protection-protest-and-crime\/' data-rel='slide-1' class='slide-image' title='Hacktivism, Ethical Hacking and Grey Hats: Between Protection, Protest and Crime'><img decoding=\"async\" fetchpriority=\"high\" width=\"260\" height=\"185\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/02\/Ethical-Hacking-260x185.png\" class=\"wp-image-39212 avia-img-lazy-loading-not-39212 attachment-portfolio_small size-portfolio_small wp-post-image\" alt=\"Ethical Hacking\" srcset=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/02\/Ethical-Hacking-260x185.png 260w, https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/02\/Ethical-Hacking-600x430.png 600w\" sizes=\"(max-width: 260px) 100vw, 260px\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: Hacktivism, Ethical Hacking and Grey Hats: Between Protection, Protest and Crime\"><h3 class='slide-entry-title entry-title '  itemprop=\"headline\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/hacktivism-ethical-hacking-and-grey-hats-between-protection-protest-and-crime\/' title='Hacktivism, Ethical Hacking and Grey Hats: Between Protection, Protest and Crime'>Hacktivism, Ethical Hacking and Grey Hats: Between Protection, Protest and Crime<\/a><\/h3><span class=\"av-vertical-delimiter\"><\/span><\/header><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2025-02-04T11:47:35+01:00\" >4. February 2025<\/time><\/div><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >\n\n\n\n\n\n\n\n\n\n\n\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/02\/Ethical-Hacking.png<\/span>\n\t\t\t\t\t\t<span itemprop='height'>600<\/span>\n\t\t\t\t\t\t<span itemprop='width'>600<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>IKARUS<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2026\/02\/IKARUS-Security-Logo-2.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>IKARUS<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2020-11-12T16:47:59+01:00\" >2025-02-04 11:47:35<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-06-20 11:12:04<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>Hacktivism, Ethical Hacking and Grey Hats: Between Protection, Protest and Crime<\/span><\/span><\/span><\/article><article class='slide-entry flex_column  post-entry post-entry-39128 slide-entry-overview slide-loop-12 slide-parity-even  av_one_fourth  real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/mitre-2024-harfanglab-delivers-reliable-detection-and-accuracy\/' data-rel='slide-1' class='slide-image' title='MITRE 2024: HarfangLab delivers reliable detection and accuracy'><img decoding=\"async\" fetchpriority=\"high\" width=\"260\" height=\"185\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/01\/MITRE-HarfangLab-image-260x185.png\" class=\"wp-image-39143 avia-img-lazy-loading-not-39143 attachment-portfolio_small size-portfolio_small wp-post-image\" alt=\"MITRE-HarfangLab\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: MITRE 2024: HarfangLab delivers reliable detection and accuracy\"><h3 class='slide-entry-title entry-title '  itemprop=\"headline\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/mitre-2024-harfanglab-delivers-reliable-detection-and-accuracy\/' title='MITRE 2024: HarfangLab delivers reliable detection and accuracy'>MITRE 2024: HarfangLab delivers reliable detection and accuracy<\/a><\/h3><span class=\"av-vertical-delimiter\"><\/span><\/header><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2025-01-28T12:58:19+01:00\" >28. January 2025<\/time><\/div><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >\n\n\n\n\n\n\n\n\n\n\n\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/01\/MITRE-HarfangLab-image.png<\/span>\n\t\t\t\t\t\t<span itemprop='height'>400<\/span>\n\t\t\t\t\t\t<span itemprop='width'>600<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>IKARUS<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2026\/02\/IKARUS-Security-Logo-2.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>IKARUS<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2020-11-12T16:47:59+01:00\" >2025-01-28 12:58:19<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-06-20 11:13:17<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>MITRE 2024: HarfangLab delivers reliable detection and accuracy<\/span><\/span><\/span><\/article><\/div><div class=\"slide-entry-wrap\"><article class='slide-entry flex_column  post-entry post-entry-38951 slide-entry-overview slide-loop-13 slide-parity-odd  av_one_fourth first real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/elevation-of-privilege-eop-risks-methods-and-protective-measures\/' data-rel='slide-1' class='slide-image' title='Elevation of Privilege (EoP): Risks, methods and protective measures'><img decoding=\"async\" fetchpriority=\"high\" width=\"260\" height=\"185\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/01\/Sicherheitsluecken-260x185.jpg\" class=\"wp-image-38938 avia-img-lazy-loading-not-38938 attachment-portfolio_small size-portfolio_small wp-post-image\" alt=\"Sicherheitsl\u00fccke\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: Elevation of Privilege (EoP): Risks, methods and protective measures\"><h3 class='slide-entry-title entry-title '  itemprop=\"headline\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/elevation-of-privilege-eop-risks-methods-and-protective-measures\/' title='Elevation of Privilege (EoP): Risks, methods and protective measures'>Elevation of Privilege (EoP): Risks, methods and protective measures<\/a><\/h3><span class=\"av-vertical-delimiter\"><\/span><\/header><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2025-01-22T11:58:01+01:00\" >22. January 2025<\/time><\/div><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >\n\n\n\n\n\n\n\n\n\n\n\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/01\/Sicherheitsluecken.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>401<\/span>\n\t\t\t\t\t\t<span itemprop='width'>600<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>IKARUS<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2026\/02\/IKARUS-Security-Logo-2.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>IKARUS<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2020-11-12T16:47:59+01:00\" >2025-01-22 11:58:01<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-06-20 11:14:05<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>Elevation of Privilege (EoP): Risks, methods and protective measures<\/span><\/span><\/span><\/article><article class='slide-entry flex_column  post-entry post-entry-38626 slide-entry-overview slide-loop-14 slide-parity-even  av_one_fourth  real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/identity-theft-2-0-new-strategies-and-how-organisations-can-respond\/' data-rel='slide-1' class='slide-image' title='Identity theft 2.0: New strategies and how organisations can respond'><img decoding=\"async\" fetchpriority=\"high\" width=\"260\" height=\"185\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/01\/Identitaetsdiebstahl-260x185.jpg\" class=\"wp-image-38608 avia-img-lazy-loading-not-38608 attachment-portfolio_small size-portfolio_small wp-post-image\" alt=\"Identit\u00e4tsdiebstahl\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: Identity theft 2.0: New strategies and how organisations can respond\"><h3 class='slide-entry-title entry-title '  itemprop=\"headline\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/identity-theft-2-0-new-strategies-and-how-organisations-can-respond\/' title='Identity theft 2.0: New strategies and how organisations can respond'>Identity theft 2.0: New strategies and how organisations can respond<\/a><\/h3><span class=\"av-vertical-delimiter\"><\/span><\/header><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2025-01-08T10:35:00+01:00\" >8. January 2025<\/time><\/div><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >\n\n\n\n\n\n\n\n\n\n\n\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2025\/01\/Identitaetsdiebstahl.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>405<\/span>\n\t\t\t\t\t\t<span itemprop='width'>600<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>IKARUS<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2026\/02\/IKARUS-Security-Logo-2.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>IKARUS<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2020-11-12T16:47:59+01:00\" >2025-01-08 10:35:00<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-06-20 11:14:45<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>Identity theft 2.0: New strategies and how organisations can respond<\/span><\/span><\/span><\/article><article class='slide-entry flex_column  post-entry post-entry-38231 slide-entry-overview slide-loop-15 slide-parity-odd  av_one_fourth  real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/red-teams-blue-teams-purple-teaming\/' data-rel='slide-1' class='slide-image' title='Red Teams, Blue Teams, Purple Teaming'><img decoding=\"async\" fetchpriority=\"high\" width=\"260\" height=\"185\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2024\/12\/color-teams-260x185.png\" class=\"wp-image-38213 avia-img-lazy-loading-not-38213 attachment-portfolio_small size-portfolio_small wp-post-image\" alt=\"Red Teams, Blue Teams, Purple Teaming\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: Red Teams, Blue Teams, Purple Teaming\"><h3 class='slide-entry-title entry-title '  itemprop=\"headline\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/red-teams-blue-teams-purple-teaming\/' title='Red Teams, Blue Teams, Purple Teaming'>Red Teams, Blue Teams, Purple Teaming<\/a><\/h3><span class=\"av-vertical-delimiter\"><\/span><\/header><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2024-12-13T10:12:11+01:00\" >13. December 2024<\/time><\/div><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2024\/12\/color-teams.png<\/span>\n\t\t\t\t\t\t<span itemprop='height'>300<\/span>\n\t\t\t\t\t\t<span itemprop='width'>600<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>IKARUS<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2026\/02\/IKARUS-Security-Logo-2.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>IKARUS<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2020-11-12T16:47:59+01:00\" >2024-12-13 10:12:11<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-06-20 11:15:31<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>Red Teams, Blue Teams, Purple Teaming<\/span><\/span><\/span><\/article><article class='slide-entry flex_column  post-entry post-entry-36216 slide-entry-overview slide-loop-16 slide-parity-even  post-entry-last  av_one_fourth  real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/living-off-the-land\/' data-rel='slide-1' class='slide-image' title='Living Off the Land attacks'><img decoding=\"async\" fetchpriority=\"high\" width=\"224\" height=\"150\" src=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2024\/11\/LOTL.jpg\" class=\"wp-image-36249 avia-img-lazy-loading-not-36249 attachment-portfolio_small size-portfolio_small wp-post-image\" alt=\"\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: Living Off the Land attacks\"><h3 class='slide-entry-title entry-title '  itemprop=\"headline\" ><a href='https:\/\/www.ikarussecurity.com\/en\/security-news-en\/living-off-the-land\/' title='Living Off the Land attacks'>Living Off the Land attacks<\/a><\/h3><span class=\"av-vertical-delimiter\"><\/span><\/header><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2024-11-25T09:38:17+01:00\" >25. November 2024<\/time><\/div><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >\n\n\n\n\n\n\n\n\n\n\n\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2024\/11\/LOTL.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>150<\/span>\n\t\t\t\t\t\t<span itemprop='width'>224<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>IKARUS<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2026\/02\/IKARUS-Security-Logo-2.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>IKARUS<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2020-11-12T16:47:59+01:00\" >2024-11-25 09:38:17<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-06-20 11:16:10<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>Living Off the Land attacks<\/span><\/span><\/span><\/article><\/div><\/div><div class='avia-slideshow-arrows avia-slideshow-controls' ><a href='#prev' class='prev-slide  avia-svg-icon avia-font-svg_entypo-fontello' data-av_svg_icon='left-open-big' data-av_iconset='svg_entypo-fontello' tabindex='-1' title=\"Previous\"><svg version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"15\" height=\"32\" viewBox=\"0 0 15 32\" preserveAspectRatio=\"xMidYMid meet\" aria-labelledby='av-svg-title-17' aria-describedby='av-svg-desc-17' role=\"graphics-symbol\" aria-hidden=\"true\">\n<title id='av-svg-title-17'>Previous<\/title>\n<desc id='av-svg-desc-17'>Previous<\/desc>\n<path d=\"M14.464 27.84q0.832 0.832 0 1.536-0.832 0.832-1.536 0l-12.544-12.608q-0.768-0.768 0-1.6l12.544-12.608q0.704-0.832 1.536 0 0.832 0.704 0 1.536l-11.456 11.904z\"><\/path>\n<\/svg><span class='avia_hidden_link_text'>Previous<\/span><\/a><a href='#next' class='next-slide  avia-svg-icon avia-font-svg_entypo-fontello' data-av_svg_icon='right-open-big' data-av_iconset='svg_entypo-fontello' tabindex='-1' title=\"Next\"><svg version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"15\" height=\"32\" viewBox=\"0 0 15 32\" preserveAspectRatio=\"xMidYMid meet\" aria-labelledby='av-svg-title-18' aria-describedby='av-svg-desc-18' role=\"graphics-symbol\" aria-hidden=\"true\">\n<title id='av-svg-title-18'>Next<\/title>\n<desc id='av-svg-desc-18'>Next<\/desc>\n<path d=\"M0.416 27.84l11.456-11.84-11.456-11.904q-0.832-0.832 0-1.536 0.832-0.832 1.536 0l12.544 12.608q0.768 0.832 0 1.6l-12.544 12.608q-0.704 0.832-1.536 0-0.832-0.704 0-1.536z\"><\/path>\n<\/svg><span class='avia_hidden_link_text'>Next<\/span><\/a><\/div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>A short but deep insight into how malware works on Android. By Tibor \u00c9li\u00e1s, Android malware analyst at IKARUS Security Software.<\/p>\n","protected":false},"author":1,"featured_media":10253,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[132],"tags":[],"class_list":["post-10664","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-mobile-device-management-en"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Mobile overlay attacks on Android - IKARUS Security<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Mobile overlay attacks on Android - IKARUS Security\" \/>\n<meta property=\"og:description\" content=\"A short but deep insight into how malware works on Android. By Tibor \u00c9li\u00e1s, Android malware analyst at IKARUS Security Software.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/\" \/>\n<meta property=\"og:site_name\" content=\"IKARUS Security\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ikarusantivirussoftware\" \/>\n<meta property=\"article:published_time\" content=\"2020-11-12T15:47:59+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-10-25T11:49:44+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank2.png\" \/>\n\t<meta property=\"og:image:width\" content=\"365\" \/>\n\t<meta property=\"og:image:height\" content=\"487\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"IKARUS\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ikarusantivirus\" \/>\n<meta name=\"twitter:site\" content=\"@ikarusantivirus\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"IKARUS\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"14 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/\"},\"author\":{\"name\":\"IKARUS\",\"@id\":\"https:\/\/www.ikarussecurity.com\/en\/#\/schema\/person\/19cc5cb758c73750a975662a88135e57\"},\"headline\":\"Mobile overlay attacks on Android\",\"datePublished\":\"2020-11-12T15:47:59+00:00\",\"dateModified\":\"2023-10-25T11:49:44+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/\"},\"wordCount\":2614,\"publisher\":{\"@id\":\"https:\/\/www.ikarussecurity.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank2.png\",\"articleSection\":[\"Mobile Device Management\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/\",\"url\":\"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/\",\"name\":\"Mobile overlay attacks on Android - IKARUS Security\",\"isPartOf\":{\"@id\":\"https:\/\/www.ikarussecurity.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank2.png\",\"datePublished\":\"2020-11-12T15:47:59+00:00\",\"dateModified\":\"2023-10-25T11:49:44+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/#primaryimage\",\"url\":\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank2.png\",\"contentUrl\":\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank2.png\",\"width\":365,\"height\":487,\"caption\":\"Figure 3: The landing page is visited using the mobile devices browser\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.ikarussecurity.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Mobile overlay attacks on Android\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.ikarussecurity.com\/en\/#website\",\"url\":\"https:\/\/www.ikarussecurity.com\/en\/\",\"name\":\"IKARUS Security\",\"description\":\"Sovereign Cybersecurity\",\"publisher\":{\"@id\":\"https:\/\/www.ikarussecurity.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.ikarussecurity.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.ikarussecurity.com\/en\/#organization\",\"name\":\"IKARUS Security Software\",\"url\":\"https:\/\/www.ikarussecurity.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.ikarussecurity.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2022\/06\/ikarus-logo.png\",\"contentUrl\":\"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2022\/06\/ikarus-logo.png\",\"width\":1805,\"height\":448,\"caption\":\"IKARUS Security Software\"},\"image\":{\"@id\":\"https:\/\/www.ikarussecurity.com\/en\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/ikarusantivirussoftware\",\"https:\/\/x.com\/ikarusantivirus\",\"https:\/\/www.linkedin.com\/company\/ikarus-security-software-gmbh\",\"https:\/\/www.xing.com\/pages\/ikarussecuritysoftwaregmbh\",\"https:\/\/www.youtube.com\/channel\/UCRRsH3IwUJQqwtBYpNp0Tuw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.ikarussecurity.com\/en\/#\/schema\/person\/19cc5cb758c73750a975662a88135e57\",\"name\":\"IKARUS\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/46cf9dc27e41ec0f1b95682ae7f7770564edea3907510e025b63f4392c4aa7c2?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/46cf9dc27e41ec0f1b95682ae7f7770564edea3907510e025b63f4392c4aa7c2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/46cf9dc27e41ec0f1b95682ae7f7770564edea3907510e025b63f4392c4aa7c2?s=96&d=mm&r=g\",\"caption\":\"IKARUS\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Mobile overlay attacks on Android - IKARUS Security","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/","og_locale":"en_US","og_type":"article","og_title":"Mobile overlay attacks on Android - IKARUS Security","og_description":"A short but deep insight into how malware works on Android. By Tibor \u00c9li\u00e1s, Android malware analyst at IKARUS Security Software.","og_url":"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/","og_site_name":"IKARUS Security","article_publisher":"https:\/\/www.facebook.com\/ikarusantivirussoftware","article_published_time":"2020-11-12T15:47:59+00:00","article_modified_time":"2023-10-25T11:49:44+00:00","og_image":[{"width":365,"height":487,"url":"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank2.png","type":"image\/png"}],"author":"IKARUS","twitter_card":"summary_large_image","twitter_creator":"@ikarusantivirus","twitter_site":"@ikarusantivirus","twitter_misc":{"Written by":"IKARUS","Est. reading time":"14 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/#article","isPartOf":{"@id":"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/"},"author":{"name":"IKARUS","@id":"https:\/\/www.ikarussecurity.com\/en\/#\/schema\/person\/19cc5cb758c73750a975662a88135e57"},"headline":"Mobile overlay attacks on Android","datePublished":"2020-11-12T15:47:59+00:00","dateModified":"2023-10-25T11:49:44+00:00","mainEntityOfPage":{"@id":"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/"},"wordCount":2614,"publisher":{"@id":"https:\/\/www.ikarussecurity.com\/en\/#organization"},"image":{"@id":"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/#primaryimage"},"thumbnailUrl":"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank2.png","articleSection":["Mobile Device Management"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/","url":"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/","name":"Mobile overlay attacks on Android - IKARUS Security","isPartOf":{"@id":"https:\/\/www.ikarussecurity.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/#primaryimage"},"image":{"@id":"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/#primaryimage"},"thumbnailUrl":"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank2.png","datePublished":"2020-11-12T15:47:59+00:00","dateModified":"2023-10-25T11:49:44+00:00","breadcrumb":{"@id":"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/#primaryimage","url":"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank2.png","contentUrl":"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2020\/09\/fakebank2.png","width":365,"height":487,"caption":"Figure 3: The landing page is visited using the mobile devices browser"},{"@type":"BreadcrumbList","@id":"https:\/\/www.ikarussecurity.com\/en\/mobile-device-management-en\/mobile-overlay-attacks-on-android\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.ikarussecurity.com\/en\/"},{"@type":"ListItem","position":2,"name":"Mobile overlay attacks on Android"}]},{"@type":"WebSite","@id":"https:\/\/www.ikarussecurity.com\/en\/#website","url":"https:\/\/www.ikarussecurity.com\/en\/","name":"IKARUS Security","description":"Sovereign Cybersecurity","publisher":{"@id":"https:\/\/www.ikarussecurity.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.ikarussecurity.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.ikarussecurity.com\/en\/#organization","name":"IKARUS Security Software","url":"https:\/\/www.ikarussecurity.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.ikarussecurity.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2022\/06\/ikarus-logo.png","contentUrl":"https:\/\/www.ikarussecurity.com\/wp-content\/uploads\/2022\/06\/ikarus-logo.png","width":1805,"height":448,"caption":"IKARUS Security Software"},"image":{"@id":"https:\/\/www.ikarussecurity.com\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/ikarusantivirussoftware","https:\/\/x.com\/ikarusantivirus","https:\/\/www.linkedin.com\/company\/ikarus-security-software-gmbh","https:\/\/www.xing.com\/pages\/ikarussecuritysoftwaregmbh","https:\/\/www.youtube.com\/channel\/UCRRsH3IwUJQqwtBYpNp0Tuw"]},{"@type":"Person","@id":"https:\/\/www.ikarussecurity.com\/en\/#\/schema\/person\/19cc5cb758c73750a975662a88135e57","name":"IKARUS","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/46cf9dc27e41ec0f1b95682ae7f7770564edea3907510e025b63f4392c4aa7c2?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/46cf9dc27e41ec0f1b95682ae7f7770564edea3907510e025b63f4392c4aa7c2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/46cf9dc27e41ec0f1b95682ae7f7770564edea3907510e025b63f4392c4aa7c2?s=96&d=mm&r=g","caption":"IKARUS"}}]}},"_links":{"self":[{"href":"https:\/\/www.ikarussecurity.com\/en\/wp-json\/wp\/v2\/posts\/10664","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ikarussecurity.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ikarussecurity.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ikarussecurity.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ikarussecurity.com\/en\/wp-json\/wp\/v2\/comments?post=10664"}],"version-history":[{"count":23,"href":"https:\/\/www.ikarussecurity.com\/en\/wp-json\/wp\/v2\/posts\/10664\/revisions"}],"predecessor-version":[{"id":30974,"href":"https:\/\/www.ikarussecurity.com\/en\/wp-json\/wp\/v2\/posts\/10664\/revisions\/30974"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ikarussecurity.com\/en\/wp-json\/wp\/v2\/media\/10253"}],"wp:attachment":[{"href":"https:\/\/www.ikarussecurity.com\/en\/wp-json\/wp\/v2\/media?parent=10664"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ikarussecurity.com\/en\/wp-json\/wp\/v2\/categories?post=10664"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ikarussecurity.com\/en\/wp-json\/wp\/v2\/tags?post=10664"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}