Dark Reading LogoResearchers detail how a Android APK obfuscation service automates detection evasion for highly malicious apps.

A new obfuscation-as-a-service platform detailed by researchers today during the Botconf 2020 virtual conference offers yet another proof point of how robust the cybercriminal economy is at filling market needs for black hats. In this case, enterprising hackers developed a fully automated service platform for protecting mobile malware Android Packet Kits (APKs) from antivirus detection. Offered on a one-off basis or for a recurring monthly subscription, the service was available to mobile malware authors both in English and Russian for at least six months of 2020, potentially longer.

The service was found and examined by a collaborative team from three organizations: Masarah Paquet-Clouston from GoSecure, Vit Sembera from Trend Micro, and Maria Jose Erquiaga and Sebastian Garcia from the Stratosphere Laboratory. They initially got wind of the service — which they’ve chosen not to name to avoid tipping off the service operators — when they were analyzing activity surrounding the spread of the Geost Android banking Trojan botnet. They uncovered leaked chat logs between Geost botnet operators referring to an obfuscation service and started poking around to discover what was being discussed.

View Article Here

    Media Contact

      info@gosecure.net
Titan Managed Detection & Response
Next-Generation Antivirus
Endpoint Detection & Response
Network Detection & Response
Inbox Detection & Response
Insider Threat Detection & Response
Managed Firewall
Managed SIEM
Endpoint Security Lifecycle
GoSecure Titan
Titan Software
Email Security
Web Security
ResponderPRO Forensics Toolkit
Advisory Services
Cybersecurity Assessment
Security Compromise Assessment
Ethical Hacking
Incident Response & Forensics
Compliance & Audit
3rd Party Technology

Pin It on Pinterest