Jakarta, CNBC Indonesia – A total of 3,300 APKs are reported to be able to evade Android security detection. They can also hinder analysis.
This report comes from Zimperium, a member of the App Defense Alliance, which is tasked with identifying and removing malware from Google Play.
Zimperium analyzed this issue after Joe Security posted an analysis of an APK that managed to evade analysis but still ran on Android devices.
The zLabs report identified 3,300 APKs that used unusual anti-analysis methods. The researchers also found a subset of 71 malicious APKs that still work on Android OS version 9 and up, as quoted from Bleeping Computer, Monday (21/8/2023).
Zimperium tried running the sampled applications through a number of decompression tools, including JADX, APKtool, and the macOS Archive Utility.
The results were quite surprising: none of the tools could extract the APKs for analysis.
In addition, Zimperium found that a number of malicious APK authors used filenames exceeding 256 bytes. This resulted in a number of problems, ranging from crashing analysis tools to a corrupted AndroidManifest.xml file and malformed String Pools.
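An added example, not taken from Zimperium's report or from this article: a Python check that reads an APK's ZIP central directory directly, without relying on an extraction tool, and reports entries whose filename exceeds the 256-byte figure mentioned above. The function names, the threshold constant and the sample archive are constructed for illustration, and ZIP64 archives are not handled.

```python
import io
import struct
import zipfile

EOCD_SIG = b"PK\x05\x06"   # end-of-central-directory record
CDH_SIG = b"PK\x01\x02"    # central-directory file header
MAX_NAME = 256             # threshold from the article (assumed limit)

def long_name_entries(data: bytes, limit: int = MAX_NAME):
    """Return (name_length, name_prefix) for entries whose name exceeds limit."""
    eocd = data.rfind(EOCD_SIG)
    if eocd < 0 or eocd + 22 > len(data):
        raise ValueError("no end-of-central-directory record")
    # sig, disk, cd_disk, entries_on_disk, total, cd_size, cd_offset, comment_len
    *_, total, _cd_size, cd_off, _clen = struct.unpack_from("<4s4H2LH", data, eocd)
    pos, hits = cd_off, []
    for _ in range(total):
        if pos + 46 > len(data) or data[pos:pos + 4] != CDH_SIG:
            raise ValueError(f"bad central-directory header at offset {pos}")
        fields = struct.unpack_from("<4s6H3L5H2L", data, pos)
        name_len, extra_len, comment_len = fields[10], fields[11], fields[12]
        name = data[pos + 46:pos + 46 + name_len]
        if name_len > limit:
            # Keep only a short prefix so reports stay readable.
            hits.append((name_len, name[:32]))
        pos += 46 + name_len + extra_len + comment_len
    return hits

def make_sample(long_name: bool) -> bytes:
    """Constructed sample archive standing in for an APK."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("AndroidManifest.xml", b"<manifest/>")
        zf.writestr("classes.dex", b"dex\n035\x00")
        if long_name:
            zf.writestr("a" * 300, b"x")  # 300-byte entry name
    return buf.getvalue()

if __name__ == "__main__":
    for label, sample in (("clean", make_sample(False)),
                          ("suspicious", make_sample(True))):
        print(label, long_name_entries(sample))
```

A non-empty result is a reason to quarantine the file for manual review, since legitimate build tools rarely produce entry names this long.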
None of the APKs are in the Google Play Store. These malicious applications also cannot be checked by the app store itself.
However, Zimperium has provided a list of the apps, and anyone using one of them is asked to uninstall it immediately or remove it from their phone.
Meanwhile, Bleeping Computer asks smartphone users not to install applications from third-party sites. According to the site, this is the best way to protect yourself from threats.
If you are forced to use a third-party application, Bleeping Computer recommends scanning the app with a reputable mobile AV tool before installing it on the phone.
Here are the names of malicious application files that Zimperium found: