Cybersecurity firm Zimperium has discovered that threat actors are using Android Package (APK) files with unknown or unsupported compression methods to evade malware analysis. It identified 3,300 artifacts using such compression algorithms, 71 of which could be loaded on the operating system without any issues. These apps were not available on the Google Play Store, suggesting they were distributed through untrusted app stores or social engineering. The APK files use an unsupported decompression method, making it difficult for decompilation tools to analyze them. The technique resists decompilation while still allowing the app to be installed on Android devices above version 9. Zimperium began its analysis after a post from Joe Security in June 2023 about an APK file exhibiting this behavior. Additionally, malware authors are deliberately corrupting APK files to trigger crashes in analysis tools. This finding comes after Google revealed that threat actors are using versioning techniques to bypass its Play Store's malware detections and target Android users.