Researchers have identified a recent trend among cybercriminals who use malformed APKs to hide their Android malware from security detection. Reports claim the tactic can keep malware hidden from AV programs because the payload sits inside an APK that scanners cannot fully unpack.
Currently, the most affected users are Android device owners with an OS version above Android 9 Pie. The devices are the most susceptible to such apps since the malware faces less analysis from security solutions.
The Android malware apps use an unsupported compression method to pass security checks without undergoing the corresponding analysis.
These malicious apps achieve evasion by leveraging an unsupported decompression process in the APK, which is essentially a Zip archive.
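The evasion described above works because an APK is a Zip archive and every entry carries a compression-method field; if that field names a method the analysis tool does not implement, the tool fails to extract the entry while the device may still install the package. The following Python scanner is an added example, not code from the researchers or from any report cited here: it walks the Zip central directory by hand (so it never stops on an undecodable entry), reports entries whose method is neither stored (0) nor deflate (8), and shows that Python's stock `zipfile` module, used here as a stand-in for off-the-shelf analysis tooling, cannot read such an entry. The sample archive, the entry names and the bogus method value `0x0FFF` are constructed fixtures for the demonstration.

```python
import io
import struct
import zipfile

# Compression methods that standard Android build tooling emits for APK entries.
# Any other value is unusual for a legitimately built APK and worth flagging.
STORED, DEFLATED = 0, 8
EXPECTED_METHODS = {STORED, DEFLATED}

LOCAL_HEADER_SIG = b"PK\x03\x04"
CENTRAL_DIR_SIG = b"PK\x01\x02"
END_OF_CENTRAL_DIR_SIG = b"PK\x05\x06"


def parse_central_directory(data: bytes):
    """Yield (entry_name, compression_method) for every central directory record.

    Parsing manually matters: zipfile raises on entries it cannot decompress,
    whereas a scanner must still report them.
    """
    eocd = data.rfind(END_OF_CENTRAL_DIR_SIG)
    if eocd < 0:
        raise ValueError("not a ZIP archive: end-of-central-directory record missing")
    # EOCD layout: sig(4) disk(2) cd_disk(2) entries_on_disk(2) entries(2) cd_size(4) cd_offset(4)
    total_entries, _cd_size, cd_offset = struct.unpack_from("<HII", data, eocd + 10)
    pos = cd_offset
    for _ in range(total_entries):
        if data[pos:pos + 4] != CENTRAL_DIR_SIG:
            raise ValueError(f"central directory record signature missing at offset {pos}")
        # Record layout: sig(4) ver_made(2) ver_need(2) flags(2) method(2) ... name_len at +28
        method = struct.unpack_from("<H", data, pos + 10)[0]
        name_len, extra_len, comment_len = struct.unpack_from("<HHH", data, pos + 28)
        name = data[pos + 46:pos + 46 + name_len].decode("utf-8", "replace")
        yield name, method
        pos += 46 + name_len + extra_len + comment_len


def find_suspicious_entries(apk_bytes: bytes):
    """Return [(name, method)] for entries using a compression method an APK should not contain."""
    return [(n, m) for n, m in parse_central_directory(apk_bytes) if m not in EXPECTED_METHODS]


def stock_tooling_can_read(apk_bytes: bytes, name: str) -> bool:
    """True if Python's zipfile can extract the entry; False if the method is unsupported."""
    try:
        with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
            zf.read(name)
        return True
    except (NotImplementedError, zipfile.BadZipFile):
        return False


def build_sample_apk(tamper: bool) -> bytes:
    """Build a constructed in-memory archive that mimics an APK's layout (test fixture only).

    With tamper=True the compression-method field of classes.dex is overwritten, in both the
    local header and the central directory record, with 0x0FFF, a value the ZIP spec does not
    assign, so the scanner has something to flag.
    """
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("AndroidManifest.xml", b"<manifest/>")          # constructed placeholder
        zf.writestr("classes.dex", b"dex\n035" + b"\x00" * 64)      # constructed placeholder
    data = bytearray(buf.getvalue())
    if tamper:
        bogus = struct.pack("<H", 0x0FFF)
        target = b"classes.dex"
        # (signature, method offset, name-length offset, name offset) for both header kinds
        for sig, method_off, namelen_off, name_off in (
            (LOCAL_HEADER_SIG, 8, 26, 30),
            (CENTRAL_DIR_SIG, 10, 28, 46),
        ):
            pos = data.find(sig)
            while pos >= 0:
                name_len = struct.unpack_from("<H", data, pos + namelen_off)[0]
                if data[pos + name_off:pos + name_off + name_len] == target:
                    data[pos + method_off:pos + method_off + 2] = bogus
                pos = data.find(sig, pos + 4)
    return bytes(data)


if __name__ == "__main__":
    for label, sample in (("clean", build_sample_apk(False)), ("tampered", build_sample_apk(True))):
        print(label, "suspicious entries:", find_suspicious_entries(sample),
              "| zipfile can read classes.dex:", stock_tooling_can_read(sample, "classes.dex"))
```

Run against a real APK, `find_suspicious_entries(open(path, "rb").read())` gives a cheap triage signal: a non-empty result does not prove the app is malicious, but it does mean any pipeline that relies on a standard unzip step has not actually inspected those entries, which is exactly the blind spot the technique exploits.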
Threat analysts noted that the technique is not new in the cybercriminal scene, since it was demonstrated almost a decade ago. However, recent reports show a trend among threat actors adopting it.
In the latest tally, over 3,000 APKs using the compression technique are circulating in the wild. The worst part of this tally is that some of these APKs are available in the official Google Play Store. This means the malicious applications could still infect Android users who do not allow third-party app downloads.
Furthermore, Google revealed that threat actors still use the versioning technique to launch malware onto Android devices while bypassing the Play Store’s security protocols.
The malware app developers released a BETA version of their app as the initial Play Store release so they could easily bypass Google's security check.
Threat actors have constantly developed strategies to push their malware on numerous users. The sudden rise of these old techniques indicates that threat actors could still use old methods to exploit weaknesses in the cybersecurity landscape.
Cybersecurity experts advise everyone to refrain from sideloading apps on Android phones to reduce the risk of malware infection. In addition, users should double-check an app's legitimacy even if it is in an official app store.
Be cautious of installing applications with high download counts but few reviews, and avoid granting them privileges irrelevant to their functions, since many such apps could be malicious.