
Thousands of Android APKs use compression trick to thwart analysis
2023-08-17 14:51

Threat actors increasingly distribute malicious Android APKs that resist decompilation using unsupported, unknown, or heavily tweaked compression algorithms.

Zimperium, a member of the 'App Defense Alliance' dedicated to identifying and eliminating malware from Google Play, analyzed the decompilation resistance landscape after a Joe Security tweet that showcased an APK that eludes analysis yet runs seamlessly on Android devices.

The researchers found a subset of 71 malicious APKs that work fine on Android OS version 9 and later.

APKs packed using unsupported or unknown compression methods are not installable on Android 8 and older, but they will work fine on Android versions 9 and later.

Since APKs downloaded from outside Google Play cannot be vetted, the best way to protect against these threats is to avoid installing Android apps from third-party sites in the first place.



News URL

https://www.bleepingcomputer.com/news/security/thousands-of-android-apks-use-compression-trick-to-thwart-analysis/

Related vendor

Vulnerabilities in the last 12 months:

| VENDOR | #/PRODUCTS | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
|---|---|---|---|---|---|---|
| Android | 4 | 0 | 17 | 2 | 0 | 19 |