Be careful what you download, there is a new Android malware on the loose!
No matter how many walls we raise and measures we take, hackers always find a way into our phones one way or another. That is exactly why it is important to keep your phone's software up to date and why it is advised that you have some reputable antivirus software installed on it.
Unfortunately, researchers have found a new type of Android malware that "hides" itself even from antivirus apps by tampering with the compression method declared in the ZIP headers of the Android Package (APK) file. Because the declared method is one that antivirus engines and analysis tools do not implement, they fail to unpack and inspect the archive, while the APK still installs and runs on the phone like a regular app.
The folks at BleepingComputer report that this method was first flagged by Joe Security, a firm that specializes in deep malware analysis for Windows, macOS, Linux, and of course Android. Joe Security shared its discovery on X (formerly Twitter), saying it had already tested various tools, all of which failed.
What is the best way to bypass #Malware analysis on #Android? Check out the local and central Zipfile header of APK 2f371969faf2dc239206e81d00c579ff and tell us what you see. We tested various tools and they all failed. https://t.co/WZoAggsnMy pic.twitter.com/cItKYyN2eq
— Joe Security (@joe4security) June 28, 2023
There is good news!
The good news is that if you stick to one of the basic rules for avoiding Android malware, you should be safe, at least for now. As it currently stands, none of the apps in which this unknown APK compression method was found are on Google's Play Store. In other words, if you don't sideload apps on your Android phone, you are very unlikely to run into this type of malware.
That said, following up on Joe Security's findings, two other cybersecurity companies dug deeper into this new threat. One of them, Zimperium, a member of the App Defense Alliance, found that some of the APKs also use abnormally long file names of more than 256 bytes, which cause analysis tools to crash.
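To make the two tricks concrete, here is a small Python checker, added for this write-up (it is not code from the article, Joe Security or Zimperium). It walks an APK's ZIP central directory and, for every entry, the matching local file header, exactly the two places the tweet tells you to look, and flags a compression method other than stored (0) or deflate (8) in either header, a disagreement between the two headers, and any entry name longer than 256 bytes. The APK it inspects is constructed in memory and is not a real malware sample; the compression-method value 0x2C1 is an arbitrary placeholder for "something no unpacker implements", not a value reported from the wild.

```python
"""Check an APK's ZIP headers for the evasion tricks described above.

Walks the central directory AND each local file header, because tools
disagree about which one they trust, and reports:
  * a compression method that mainstream unpackers do not implement
  * a mismatch between the two headers
  * an entry name longer than 256 bytes
"""
import io
import struct
import zipfile

KNOWN_METHODS = {0, 8}        # stored, deflate: what APK tooling actually implements
MAX_NAME_BYTES = 256          # threshold reported by Zimperium

EOCD_SIG, CDIR_SIG, LOCAL_SIG = b"PK\x05\x06", b"PK\x01\x02", b"PK\x03\x04"
CDIR_FMT = "<4sHHHHHHIIIHHHHHII"   # 46-byte central directory header (APPNOTE 4.3.12)
LOCAL_FMT = "<4sHHHHHIIIHH"        # 30-byte local file header (APPNOTE 4.3.7)


def _entries(data: bytes):
    """Yield one dict per entry with both headers' method, name and offsets."""
    eocd = data.rfind(EOCD_SIG)
    if eocd < 0:
        raise ValueError("no end-of-central-directory record")
    total, _cd_size, cd_pos = struct.unpack_from("<HII", data, eocd + 10)
    for _ in range(total):
        if data[cd_pos:cd_pos + 4] != CDIR_SIG:
            raise ValueError(f"bad central directory signature at {cd_pos}")
        cd = struct.unpack_from(CDIR_FMT, data, cd_pos)
        name_len, extra_len, comment_len, local_pos = cd[10], cd[11], cd[12], cd[16]
        if data[local_pos:local_pos + 4] != LOCAL_SIG:
            raise ValueError(f"bad local header signature at {local_pos}")
        lh = struct.unpack_from(LOCAL_FMT, data, local_pos)
        yield {
            "cd_pos": cd_pos,
            "local_pos": local_pos,
            "name": data[cd_pos + 46:cd_pos + 46 + name_len],
            "local_name": data[local_pos + 30:local_pos + 30 + lh[9]],
            "cd_method": cd[4],      # compression method, central directory
            "local_method": lh[3],   # compression method, local file header
        }
        cd_pos += 46 + name_len + extra_len + comment_len


def scan_zip_headers(data: bytes) -> list[tuple[str, str]]:
    """Return (entry name, issue) pairs; an empty list means nothing suspicious."""
    findings = []
    for e in _entries(data):
        name = e["name"].decode("utf-8", "replace")
        for where, method in (("central", e["cd_method"]), ("local", e["local_method"])):
            if method not in KNOWN_METHODS:
                findings.append((name, f"{where} header declares unsupported compression method {method}"))
        if e["cd_method"] != e["local_method"]:
            findings.append((name, "central and local headers disagree on compression method"))
        longest = max(len(e["name"]), len(e["local_name"]))
        if longest > MAX_NAME_BYTES:
            findings.append((name, f"entry name is {longest} bytes"))
    return findings


def set_compression_method(data: bytes, target: bytes, method: int) -> bytes:
    """Rewrite the method field of one entry in both headers, as the samples do."""
    buf = bytearray(data)
    for e in _entries(data):
        if e["name"] == target:
            struct.pack_into("<H", buf, e["cd_pos"] + 10, method)    # central: field at offset 10
            struct.pack_into("<H", buf, e["local_pos"] + 8, method)  # local: field at offset 8
    return bytes(buf)


def stdlib_can_extract(data: bytes, name: str) -> bool:
    """Stand-in for an analysis tool: can Python's own zipfile read this entry?"""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            zf.read(name)
        return True
    except (NotImplementedError, zipfile.BadZipFile):
        return False


def build_sample_apk(evasive: bool = True) -> bytes:
    """Constructed in-memory stand-in for an APK; NOT a real malware sample."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("AndroidManifest.xml", b"<manifest/>")
        zf.writestr("classes.dex", b"dex\n035\0" + b"\0" * 64)
        asset = "assets/" + ("A" * 300 if evasive else "a") + ".bin"   # 311-byte name when evasive
        zf.writestr(asset, b"payload")
    data = buf.getvalue()
    if evasive:
        # 0x2C1 is an arbitrary value no unpacker implements, chosen for this demo only.
        data = set_compression_method(data, b"classes.dex", 0x2C1)
    return data


if __name__ == "__main__":
    sample = build_sample_apk()
    for name, issue in scan_zip_headers(sample):
        print(f"{name[:40]:<40} {issue}")
    print("Python zipfile can read classes.dex:", stdlib_can_extract(sample, "classes.dex"))
```

Run against the constructed sample, the scanner reports the tampered classes.dex entry twice (once per header) and the over-long asset name, and Python's zipfile refuses to extract classes.dex with NotImplementedError, which is the same failure mode the article describes for analysis tools. On a real APK, pass the file's bytes to scan_zip_headers; it never tries to decompress anything, so it cannot be tripped up by the very trick it is looking for.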