Carlos Castillo is a mobile malware researcher at McAfee, where he specializes in the analysis of mobile threats and Android malware. Castillo performs static and dynamic analysis of suspicious applications to support McAfee’s Mobile Security for Android product. He is the author of the McAfee-published white paper, "Android Malware Past, Present, and Future,” and wrote the “Hacking Android" section of the book, "Hacking Exposed 7: Network Security Secrets & Solutions.” As a recognized mobile malware researcher, Castillo has presented at several security industry events, including 8.8 Computer Security Conference and Segurinfo, a leading information security conference in South America.

Prior to his position at McAfee, Castillo performed security compliance audits for the Superintendencia Financiera of Colombia, and worked at security startup Easy Solutions Inc., where he conducted penetration tests on web applications, helped shut down phishing and malicious websites, supported security and network appliances, performed functional software testing, and assisted in research and development related to anti-electronic fraud. Castillo joined the world of malware research when he won ESET Latin America’s Best Antivirus Research contest with a paper titled, “Sexy View: The Beginning of Mobile Botnets.” Castillo holds a degree in systems engineering from the Universidad Javeriana in Bogotá, Colombia.

Carlos Castillo Blog Feed

More from Carlos Castillo

McAfee Labs

Fake Android Update Delivers SMS, Click Fraud in Europe

McAfee Mobile Research has been monitoring a mobile malware campaign targeting users in Germany, France, and Russia since the beginning of the year. Several users have complained in forums and social networks about a suspicious file with the name Android_Update_6.apk being automatically downloaded when a website is loaded. Recently a ...

McAfee Labs

Is This Your Photo? No, It’s SMS Spam With Mobile Malware

One of the most important concerns of Internet users is privacy. For this reason one of the most effective phishing attacks is to claim that someone’s video or photo is public; thus the victim cannot resist clicking on the malicious link. Recently some people from Singapore (country code +65) have ...

McAfee Labs

Android App SandroRAT Targets Polish Banking Users via Phishing Email

Europe is currently under attack by spammers trying to get control of Android devices. In Germany the distribution method is via SMS (text) messages, as you can read in this recent McAfee Labs post, while in Poland there is an ongoing email spam campaign distributing a new variant of an ...

McAfee Labs

‘DHL’ SMS Spam Distributes Android Malware in Germany

One of the most common methods for distributing PC malware is the use of email spam messages that pose as tracking notifications from popular delivery companies such as DHL Express, FedEx, or UPS. The reason for this popularity is the malware’s effectiveness. Most of the time the victim receiving the ...

McAfee Labs

iBanking Mobile Trojan Poses as Facebook Token Generator

Mobile banking Trojans have usually pretended to be security applications (for example, Zitmo) or legitimate banking apps (FakeToken or FkSite a.k.a. Perkele) to trick users into installing the malware. These apps steal incoming SMS messages that could contain mTANs (Mobile Transaction Authentication Numbers) used as two-factor authentication to allow Internet transactions. ...

McAfee Labs

Phishing Attack Replaces Android Banking Apps With Malware

Mobile devices are also increasingly being used to manage a critical and important asset for all of us: our money. According to the Federal Reserve Board report “Consumers and Mobile Financial Services 2013,” in the United States “48 percent of smartphone owners have used mobile banking in the past 12 ...

McAfee Labs

Fake Cleaning Apps in Google Play: an AutoRun Attack and More

Almost exactly one year ago, Google announced the addition of a “new layer to Android security,” a service codenamed Bouncer that was intended to provide automated scanning of the Android Market for potentially malicious software. However, as my colleague Jimmy Shah wrote in a previous blog post, Bouncer has not ...

McAfee Labs

Android Malware Promises Video While Stealing Contacts

Recently we discovered a new Android Trojan in the official Google Play market that displays a video downloaded from the Internet–but only if some sensitive information is previously sent to a remote server. The malicious applications are designed for Japanese users and display “trailers” of upcoming video games for Android. ...

McAfee Labs

Android Malware Pairs Man-in-the-Middle With Remote-Controlled Banking Trojan

Based on the Android malware that we’ve seen so far, one of the principal motivations to develop and spread malware on Android is to gain financial profit. We often see deceptive applications that send SMS messages to premium-rate numbers without the user’s consent or that run man-in-the-middle attacks to forward ...

McAfee Labs

Google Code Projects Host Android Malware

[March 1: See update at end] Google Code is a well-known platform that provides a collaborative environment for developers working on open source projects. It’s also a target for malware developers. Contrary to what you may think, this is not the first time that Google Code has been used to ...

Subscribe to McAfee Securing Tomorrow Blogs