To avoid malware analysis, threat actors create Android Package (APK) files using unsupported or unidentified compression techniques.
Zimperium’s research, which discovered 3,300 artefacts using these compression algorithms in the wild, supports this. The operating system can be loaded without any issues with 71 of the recognised samples.
Since there is no proof that the apps were ever made available through the Google Play Store, it is likely that they were spread through other channels, usually by tricking people into sideloading them or using dubious app stores.
The APK files employ “a technique that limits the possibility of decompiling the application for a large number of tools read more Thousands of Android Malware Apps Using Stealthy APK Compression to Evade Detection.
Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.