Android is an operating system that is widely attacked by cybercriminals, and since antivirus tools are not always effective, it is easy to understand why this operating system is potentially dangerous.

Making the situation even more difficult is a recent discovery involving APK files: a compression trick adopted by some hackers that makes it even harder to scan for and detect malware.

According to the site BleepingComputer, the method was first discovered by Joe Security, which showed on Twitter how an APK can avoid scanning while still working fine on an Android endpoint.

Everything is quite simple: cybercriminals use a compression method that is little known or unsupported, making it impossible to scan the file correctly. However, the potentially harmful application still works fully (at least from Android 9 onward). As a result of this report and a related verification, thousands upon thousands of files in circulation exploiting these types of tricks have been identified.

Malicious APK files? Hackers take advantage of various little tricks to bypass antivirus

A report on this topic by zLabs talks about roughly 3,300 APK files that can evade antivirus detection. As is easy to understand, except in rare cases, these are dangerous software.

Zimperium, a member of the App Defense Alliance, then carried out further research on this practice. From this investigation, another disconcerting reality emerged: this is not the only trick cybercriminals use to evade scans.

For example, some APKs apparently use filenames that exceed 256 bytes, which causes crashes in many analysis tools. Another popular technique is to manipulate the AndroidManifest.xml file, which interferes with scans.
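A defensive triage check for two of the tricks described above (an unexpected compression method and filenames over 256 bytes), written as an added example that is not from the original article or from Zimperium. It reads only the ZIP central directory, so it never has to decompress anything; the function names, the sample archive and the method value 0x1234 are constructed for illustration.

```python
import io
import struct
import zipfile

# Stored and deflate: the methods APK tooling normally handles (assumption of this example).
SUPPORTED_METHODS = {0: "stored", 8: "deflated"}
MAX_NAME_BYTES = 256  # filename length threshold mentioned in the article

def scan_apk(data: bytes) -> list[tuple[str, str]]:
    """Return (entry name, finding) pairs taken from the ZIP central directory."""
    eocd = data.rfind(b"PK\x05\x06")  # end-of-central-directory record
    if eocd < 0 or eocd + 22 > len(data):
        return [("<archive>", "no end-of-central-directory record")]
    total, _cd_size, pos = struct.unpack_from("<H2I", data, eocd + 10)
    findings = []
    for _ in range(total):
        if data[pos:pos + 4] != b"PK\x01\x02" or pos + 46 > len(data):
            findings.append(("<archive>", "truncated or corrupt central directory"))
            break
        method, = struct.unpack_from("<H", data, pos + 10)
        nlen, elen, clen = struct.unpack_from("<3H", data, pos + 28)
        name = data[pos + 46:pos + 46 + nlen].decode("utf-8", "replace")
        label = name if nlen <= 40 else name[:37] + "..."  # keep report lines short
        if method not in SUPPORTED_METHODS:
            findings.append((label, f"unsupported compression method {method:#06x}"))
        if nlen > MAX_NAME_BYTES:
            findings.append((label, f"filename is {nlen} bytes"))
        pos += 46 + nlen + elen + clen  # fixed header + name + extra + comment
    return findings

def build_sample() -> bytes:
    """Constructed test archive: one patched method field, one over-long name."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as z:
        z.writestr("AndroidManifest.xml", b"<manifest/>")
        z.writestr("classes.dex", b"dex\n035\x00")
        z.writestr("res/" + "a" * 300 + ".png", b"")
    data = bytearray(buf.getvalue())
    first = data.index(b"PK\x01\x02")  # first central directory header
    struct.pack_into("<H", data, first + 10, 0x1234)  # constructed, undefined method id
    return bytes(data)

if __name__ == "__main__":
    for name, finding in scan_apk(build_sample()):
        print(f"{name}: {finding}")
```

A file flagged here is a candidate for manual review rather than a confirmed detection, and the check does not cover AndroidManifest.xml manipulation.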

If an antivirus can be bypassed or blocked with these tricks, it is worth finding other techniques that can mitigate the risks. In this sense, adopting password managers or a VPN can be useful to counter malicious applications.

The main advice for avoiding infection by, or contact with, harmful APK files is to trust only official stores, avoiding apps of dubious origin.

