Carlos Castillo is a mobile malware researcher at McAfee, where he specializes in the analysis of mobile threats and Android malware. Castillo performs static and dynamic analysis of suspicious applications to support McAfee’s Mobile Security for Android product. He is the author of the McAfee-published white paper, "Android Malware Past, Present, and Future,” and wrote the “Hacking Android" section of the book, "Hacking Exposed 7: Network Security Secrets & Solutions.” As a recognized mobile malware researcher, Castillo has presented at several security industry events, including 8.8 Computer Security Conference and Segurinfo, a leading information security conference in South America.

Prior to his position at McAfee, Castillo performed security compliance audits for the Superintendencia Financiera of Colombia, and worked at security startup Easy Solutions Inc., where he conducted penetration tests on web applications, helped shut down phishing and malicious websites, supported security and network appliances, performed functional software testing, and assisted in research and development related to anti-electronic fraud. Castillo joined the world of malware research when he won ESET Latin America’s Best Antivirus Research contest with a paper titled, “Sexy View: The Beginning of Mobile Botnets.” Castillo holds a degree in systems engineering from the Universidad Javeriana in Bogotá, Colombia.

Carlos Castillo Blog Feed

More from Carlos Castillo

McAfee Labs

Android/TimpDoor Turns Mobile Devices Into Hidden Proxies

The McAfee Mobile Research team recently found an active phishing campaign using text messages (SMS) that tricks users into downloading and installing a fake voice-message app which allows cybercriminals to use infected devices as network proxies without users’ knowledge. If the fake application is installed, a background service starts a ...

McAfee Labs

AsiaHitGroup Gang Again Sneaks Billing-Fraud Apps Onto Google Play

The McAfee Mobile Research team has found a new billing-fraud campaign of at least 15 apps published in 2018 on Google Play. Toll fraud (which includes WAP billing fraud) is a leading category of potentially harmful apps on Google Play, according to the report Android Security 2017 Year in Review. ...

McAfee Labs

New Android Malware Found in 144 GooglePlay Apps

McAfee’s Mobile Research team has found a new Android malware in 144 “Trojanized” applications on Google Play. We named this threat Grabos because we found this string in several elements of the code, including variable and method names. Grabos was initially found in the Android application “Aristotle Music audio player ...

McAfee Labs

Smishing Campaign Steals Banking Credentials in U.S.

The McAfee Mobile Research team recently found an active smishing campaign, using SMS messages, that targets online banking users in the United States. The messages attempt to scare victims with a notice that the bank account will be soon closed and that the user must immediately click a malicious URL: ...

McAfee Labs

Trojanized Photo App on Google Play Signs Up Users for Premium Services

Mobile apps usually have names that give some indication of their function. In one recent case, however, we found a misnamed app that turned out to be malicious. Every Android app has an ID value, commonly known as the package name, to uniquely identify it on a device and in ...

McAfee Labs

Android Banking Trojan Asks for Selfie With Your ID

In the first half of 2016 we noticed that Android banking Trojans had started to improve their phishing overlays on legitimate financial apps to ask for more information. Victims were requested to provide “Mother’s Maiden Name,” “Father’s Middle Name,” “Maternal Grandmothers Name,” or a “Memorable Word.” Attackers used that data to respond ...

McAfee Labs

Active iOS Smishing Campaign Stealing Apple Credentials

McAfee Mobile Research recently found an active phishing campaign targeting iOS users via SMS messages. The message tells users that their Apple accounts have been temporarily locked to trick them into accessing a phishing site and steal the real Apple credentials. Here is an example of an SMS message from this campaign: The ...

McAfee Labs

Trojanized Pokémon GO Android App Found in the Wild

Pokémon GO is a new mobile game that allows fans to “catch” Pokemons in the real world using augmented reality and their smartphones capabilities such as location technology and built-in cameras. The game was released on July 6 on both the Apple App Store and Google Play but only in Australia, ...

McAfee Labs

Android Banking Trojan ‘SpyLocker’ Targets More Banks in Europe

Since the discovery of the Android banking Trojan SpyLocker, McAfee has closely monitored this threat. SpyLocker first appeared disguised as Adobe Flash Player and targeted customers of banks in Australia, New Zealand, and Turkey. Recently we have found that the distribution method for this malware has changed. In addition to ...

McAfee Labs

Sex Sells: Looking at Android Adult Adware Apps

Advertising is one of the primary methods to generate money from mobile devices. Ads can be displayed in the browser when you visit a specific website or can appear in free apps. In the case of mobile apps, the developer must select a theme that attracts many users to increase ...

Subscribe to McAfee Securing Tomorrow Blogs