The mobile threat landscape of 2016 was marked by the disruptive impact of mobile malware to enterprises, their diverse attack vectors, as well as the scale and scope of their distribution. Last year’s notable incidents also mirrored how more vulnerabilities were exploited to take devices hostage and extort their owners. Fake apps banked on the popularity of its legitimate counterparts— Pokèmon Go , Mario Super Run and QQ (a popular IM app in China), to name a few—to deliver malicious content. In QQ’s case, UTF-8 byte order mark (BOM) are added in the app label to spoof the genuine app. PUAs like adware also remained constant threats that exposed users to bank-emptying and information-stealing malware.