This is an archive article published on August 21, 2023

Android apps from third-party stores sneak malware into your phone: Study

Researchers suggest threat actors are using unsupported or heavily modified compression techniques to pack malware into regular APKs and evade detection by security software.

More than 3,000 APKs are reportedly infected with malware. (Image Source: Pixabay)

A new study suggests threat actors are using unconventional compression algorithms to distribute Android APKs infected by malware and evade detection by antivirus programs.

According to a report by BleepingComputer, a mobile security firm named Zimperium found that malicious files are being injected using unsupported or modified compression algorithms. Since cybersecurity researchers and antivirus software are currently unable to decompile the APK files, threat actors are injecting malware into APKs and are able to easily bypass security measures.
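An APK is a ZIP archive, and each entry's header records which compression method was used, so the anomaly described above can be checked without decompressing anything. The following is an added example, not code from Zimperium or the original article; it assumes stored (0) and deflate (8) are the only methods standard APK tooling expects, and the sample archive and the method value `0x7FFF` are constructed for illustration.

```python
import io
import struct
import zipfile

# Assumption: standard APK tooling expects only these ZIP compression methods.
EXPECTED_METHODS = {zipfile.ZIP_STORED: "stored", zipfile.ZIP_DEFLATED: "deflate"}


def find_unusual_entries(apk_bytes):
    """Return [(entry_name, method_id)] for entries with an unexpected method."""
    # Opening a ZipFile only parses the central directory, so this works
    # even when the entry data itself cannot be decompressed.
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        return [(info.filename, info.compress_type)
                for info in zf.infolist()
                if info.compress_type not in EXPECTED_METHODS]


def build_sample(manifest_method=None):
    """Constructed sample: a tiny ZIP laid out like an APK (not a real app)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("AndroidManifest.xml", b"<manifest/>" * 20)
        zf.writestr("classes.dex", b"placeholder dex bytes " * 20)
    data = bytearray(buf.getvalue())
    if manifest_method is not None:
        # Locate the central directory through the end-of-central-directory
        # record, then rewrite the 2-byte method field of the first entry in
        # its local header (offset 8) and central header (offset 10).
        eocd = data.rfind(b"PK\x05\x06")
        (central,) = struct.unpack_from("<I", data, eocd + 16)
        struct.pack_into("<H", data, 8, manifest_method)
        struct.pack_into("<H", data, central + 10, manifest_method)
    return bytes(data)


if __name__ == "__main__":
    for label, sample in (("normal", build_sample()),
                          ("modified", build_sample(0x7FFF))):
        hits = find_unusual_entries(sample)
        print(label, "->", hits if hits else "no unusual compression methods")
```

A hit is a reason to treat the file as suspicious and send it for closer analysis, not proof that it is malicious.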

Zimperium started diving into the issue after a Switzerland-based security firm named ‘Joe Security’, which analyzes malware on Windows, Linux, macOS and Android, posted on X showing how some APKs were able to evade security analysis by experts using unusual compression techniques.

A recently published study by zLab claims more than 3,000 Android apps are currently using these unconventional anti-analysis methods. Even though many of the apps crash for this very reason, researchers found that more than 71 APKs run without any issues on Android Pie (Android 9) and newer versions.


While none of these apps were listed on the Play Store, Zimperium suggests they were distributed by third-party app stores or sideloaded. For the uninitiated, sideloading refers to the installation of apps via unofficial sources like APKs sent over WhatsApp, Telegram or Google Play Store alternatives like F-Droid and Aptoide.

If you want to protect your Android device against such threats, the best way is to avoid sideloading apps unless necessary and stick to apps found on the Google Play Store. In case you have to sideload an app, make sure you scan it using reputable antivirus tools before installing it. Users should also keep track of the permissions the app requests during or after installation.
