Android apps from third-party stores sneak malware into your phone: Study

Android apps from third-party stores sneak malware into your phone: Study

More than 3,000 APKs are reportedly infected with malwares. (Image Source: Pixabay)

Listen to this article

Android apps from third-party stores sneak malware into your phone: Study

x

A new study suggests threat actors are using unconventional compression algorithms to distribute Android APKs infected by malware and evade detection by antivirus programs.

According to a report by BleepingComputer, a mobile security firm named Zimperium found that malicious files are being injected using unsupported or modified compression algorithms. Since cybersecurity researchers and antivirus software are currently unable to decompile the APK files, threat actors are injecting malware into APKs and are able to easily bypass security measures.

Zimperium started diving into the issue after a Switzerland-based security firm named ‘Joe Security’, which analyzes malware on Windows, Linux, macOS and Android posted on X showcasing how some APKs were able to evade security analysis by experts using unusual compression techniques.

What is the best way to bypass #Malware analysis on #Android? Checkout the local and central Zipfile header of APK 2f371969faf2dc239206e81d00c579ff and tell us what you see. We tested various tools and they all failed. https://t.co/WZoAggsnMy pic.twitter.com/cItKYyN2eq

— Joe Security (@joe4security) June 28, 2023

A recently published study by zLab claims more than 3,000 Android apps are currently using these untraditional anti-analysis methods. Even though many apps crash due to this very reason, researchers found out that more than 71 APKs are running without any issues on Android Pie (Android 9) and newer versions.

While none of these apps were listed on the Play Store, Zimperium suggests they were distributed by third-party app stores or sideloaded. For the uninitiated, sideloading refers to the installation of apps via unofficial sources like APKs sent over WhatsApp, Telegram or Google Play Store alternatives like F-Droid and Aptoide.

If you want to protect your Android device against such threats, the best way is to avoid sideloading apps until necessary and stick to apps found on Google Play Store. In case you have to sideload an app, make sure you scan it using reputed antivirus tools before installing it. Users should also keep track of the permissions the app requests during or after installation.

Leave a Reply

Your email address will not be published. Required fields are marked *