I'm looking for known infected apks, I'm just interested at studying some of the malicious code so I can learn how malicious applications for android work so I can see if when I start getting into creating apps, if I can find a way to remove them or atleast quarantine them/stop them. I remove viruses all the time from computers and always was fascinated. If you have any apks, just send them my way via pm. Just be sure to tell me what the virus does though, since I want to know what I am messing with.
I've been using AirDroid but stumbled across Remote Web Desktop. It has several more features over AirDroid but requires a lot of permissions. Does anyone know if this thing is safe to use. I don't want my data being sent who knows where.
It's safe, I'm the developer. It requires many permissions just because those features require them, we don't install any spy code in any our apps. I even didn't obfuscate my codes. What I mean is if it exists any spy code, it can be found quickly. Because many Android developers are also using my app every day.
BTW, please download it from the legal app stores, such as Android Market, AndroidPit, Amazon App Store, etc.
Hi,
Sometimes an app (.apk) is either simply not available through Google's store, or it might say "not compatible with your device", etc. There can be various reasons why a person might download a .apk from somewhere other than a "trusted" source.
If this was a file for my PC I could test it in a "sandbox", and I could scan it with both Microsoft Security Essentials and Malware Bytes Antimalware.
On my Android phone(s) I'm not aware of something like the "sandbox" option, and I don't really want to run an "antivirus" program on my phone. Is there an easy way to scan .apk files on the PC to see if they are rogue apps, might send SMS, "phone home", or otherwise mess with other applications or the system software installed on my phone?
Lets give another example: say I thought 15 minutes was not long enough to evaluate a relatively expensive Android game (it certainly isn't!) and I want to test it out first. Let's assume my only option in that case might be an illegally downloaded copy from unknown sources. Of course, we shouldn't do that. But if we did, how could we know if the file is safe and not risk installing some Chinese spyware?
About Android AV programs: anybody know how effective they are? Do some defend against "trojans" - I would think these days trojans are 99% of problems and viruses mostly a relic of the past?
My biggest concern is actually just unwanted crap that runs in the background which eats up battery, makes my phone warm (which I hate), or, perhaps even sends SMS message [this would be even worse because I don't have a text message plan].
EDIT: I see web pages with tiles like "new study finds Android antivirus apps not effective" and articles like this one: http://www.zdnet.com/blog/hardware/...bouncer-does-it-offer-enough-protection/17981
Do we have an easy way to boot Galaxy S3 off of "external" SDCARD instead of internal memory?
Search play store for avast antivirus, completely free, updates daily and works really well (firewall. Anti theft. And many more Features
sony xperia ray ics 4.0.4
stock rom unrooted
I found this website, maybe it can help someone.
h t t p://scan.netqin.com/en/
Maybe someone can post another one...
an easy way to check for safe apk
The easiest way to check for safe apk is to have one gmail account and another "whatever" email account. Then just send the apk from the gmail one to the second account, gmail always find viruses in any apk and stop the process to join the file (virus alert). Bad point is you are limited with the size of the file you wanna send.
Nowadays, even pc antiviruses can detect viruses in apks. I would rather not burden my phone with any android antivirus,since they are literally battery hogs.
sent using my HTC One S
Go here and upload the APK
http://anubis.iseclab.org/
Anubis is a service for analyzing malware.
Submit your Windows executable or Android APK and receive an analysis report telling you what it does. Alternatively, submit a suspicious URL and receive a report that shows you all the activities of the Internet Explorer process when visiting this URL.
Andrubis executes Android apps in a sandbox and provides a detailed report on their behavior, including file access, network access, crypto operations, dynamic code loading and information leaks. In addition to the dynamic analysis in the sandbox, Andrubis also performs static analysis, yielding information on e.g. the app's activities, services, required external libraries and actually required permissions.
Found a good one too
apkscan.nviso.be - give it a try. Drag and drop - wait for the upload - than click SCAN . Wait for a few minutes. That`s all. Unlike ANUBIS it has a resolution at the end of the analysis . Usually helpful.
You can also email the file to [email protected] and it will email the report back in about ten minutes. Virustotal can display some interesting info, for example it said that Lucky Patcher is a "Potentially Infected Hosts File (v)", as reported by VIPRE and AVware.
Virustotal also has an official android app.
The Netqin scanner is also an android mobile app.
Late answer, sure, but I think ClamAV is what you want. You also want its bytecode signature file, and to speed things up, you only want that single file (speeds up things quite a bit).
It is the only offline apk scanner i know of, and as for its efficiency i cannot say, but it seems like it is what you are asking for.
An alternative would be to install something like BlueStacks and remap your "Windows shared folder" (through registry) to the folder you have your apk files in, and then run BitDefender on it. BD is by far the most pernickety AV app out there for Android.
I'll have to check out bitdefender (it's also included on virustotal.com)
apkscan.nviso.be seems to be pretty good at analyzing files for suspicious activity, and it also uploads the file to virustotal for you. Then you can copy the sha256 hash into the virustotal's search, to get all the gory details.
anubis.iseclab.org limits files to 8 megabytes.
Another way to avoid malware is:
when installing an update to an already-installed version of an application, it will 99% of the time prompt you to update an existing app. There's been rare instances where some apps do use a new digital signature (for example when spotify had a big security hole, and for awhile there were two apps by spotify in the app store).
One other way to tell, as a final check when launching the apk for installation on the phone: the icon will not have the right icon. I've installed apps before that I thought came from a trusted source, but the icon was not right. In fact, I was considering not posting this publically, so the "bad dudes" would not update their methods.
Another tool I found:
http://andrototal.org/
Although it might be a duplicate of virustotal.
nintendo1889 said:
Another tool I found:
http://andrototal.org/
Although it might be a duplicate of virustotal.
Click to expand...
Click to collapse
I just tried out this site. To me, it appears to be the most thorough virus testing site that I have seen. It takes some time for it to complete the scans. mainly because it scans the file with about 7 or 8 different scanning engines. Just just have to keep refreshing the page every few minutes to see if the results have updated.
I will be using this one as my go to site for apk scanning.
Just install it on the default emulator in the Android SDK
You can also install your apps on other emulator live bluestacks(best for games), jar of beans(best for rooted app) and windroy(the lightest)
Hit thanks if this helps
nintendo1889 said:
I'll have to check out bitdefender ...
Click to expand...
Click to collapse
Your signature photo ... awesome ... Bad Dudes
By using GDATA security , When you want to install an app the GDATA will scan it befor installing
Sent from my LG-D855 using Tapatalk
Use google scanning service VirusTotal to scan any app, secondly always use secure source. There are many well reputed apk sites but I personally use apklink.com , on this site required apk file is just a click away and its quite easy as well...
be safe & secure
This threads out of date, but it has me thinking I want to use something as mentioned in several replies to OP.
Are there any sites, or apps that can warn me if an .apk (for example) has malware etc.?
Thanks in advance for any help, including a link to another discussion that may have my answer
denise1952 said:
This threads out of date, but it has me thinking I want to use something as mentioned in several replies to OP.
Are there any sites, or apps that can warn me if an .apk (for example) has malware etc.?
Thanks in advance for any help, including a link to another discussion that may have my answer
Click to expand...
Click to collapse
Malwarebytes can detect malware.
Sent from my LGL84VL using Tapatalk
I tried this site and I like it because it goes into a lot of detail after analyzing and sends me a report in email. It was mentioned, and it is still available to use: https://apkscan.nviso.be/
Thank you for the heads up on MB, I use that on my PC and works great
You can use virustotal.
I've looked at a lot of anti-spyware apps, but I can't find one that specifically says it can find stealth apps that someone installed when they got ahold of your phone. So it would look like an app that I personally wanted to have. They mostly talk about apps that were installed by a virus or link, etc.
It would be nice to be able to disable camera/mic functions too, or at least be notified when they are being accessed.
I don't mind paying to purchase the app, but most require a double digit monthly subscription, and I make next to nothing because I'm disabled so chances are even if I subscribed the money wouldn't be there to continue the subscription.
I've lurked here for many years without signing up, I love you guys! There are so many tutorials and apps that would never have known about if not for you guys. The developers here are geniuses. So thank you immensely in advance for your help!
Maybe try play store free app Bitdefender which has 5 million dl's & 4.7 rating. I have not tried it....
"Bitdefender Antivirus is one of the few actually free antivirus apps. It hasn’t changed much over the years. It offers a basic scanning feature, a simple interface, quick performance, and no configuration. This is a great one for super basic needs. All it really does is scan stuff ..." androidauthority
galaxys said:
Maybe try play store free app Bitdefender which has 5 million dl's & 4.7 rating. I have not tried it....
"Bitdefender Antivirus is one of the few actually free antivirus apps. It hasn’t changed much over the years. It offers a basic scanning feature, a simple interface, quick performance, and no configuration. This is a great one for super basic needs. All it really does is scan stuff ..." androidauthority
Click to expand...
Click to collapse
Thanks for the reply. Do anti-virus apps detect spyware though?
They can, just read some of the app playstore reviews and it's Developer app description for details....
Try ‘Malwarebytes for Android’.
If you really think there's spyware do a hard reset.
If you still aren't satisfied go full nuke and have the firmware reflashed.
No virus detection has a 100% detection rate and the worst trojans only a reflash can eradicate them.
A better question is why do you think there's spyware on the phone?
In over 6 years of using outdated OS's I've never had to do a reload because of malware.
Once found a nasty trojan preloader before it could be triggered with Malwarebytes.
I had a infected jpeg that damaged files in the download folder. Deleting the jpeg and some of the files ended it's brief rain of terror.
Be careful what apps you load, what you download*, what you click and never let others have unsupervised access to your device. React quickly to abnormal behavior to find it's cause.
Delete any file you suspect of being malware including jpegs and pngs.
Be prepare to do a hard reset at any time if you believe the device has been infected.
Always keep at least 2 complete isolated data backups for the device. Stagger syncs to them so a virus can't get embedded on both of them... hopefully.
Lol, paranoid yet?
*use only cloud based email apps like gmail
Google apps are spyware, Facebook is spyware, Whatsapp is spyware, Instagram is spyware. In principle all Social Media apps are spyware.
All apps what are designed to track your Internet browsing habits, such as frequented sites and favorite downloads, and then provide advertising companies with marketing data are spyware. All apps what can access your contacts data are spyware ...
Android, the spyware party mix...
You can try Bitdefender Free or Malwarebytes Premium. I have not used the second one before but have read a review at https://antivirusdoctor.net/ and think about using it on my smartphone.
I recently found a really interesting and useful website called hybrid analysis that is a sandbox scanner for files and programs of all kinds. And recently I've taken it up on myself to upload a few random small game apks that I don't have any permissions given and that I have gotten from the playstore. And all of them come back with disturbing results that they have access to files, contacts, emails and to send and receive them, to record audio from multiple inputs, and track my internet usage. How is this possible? Is there anyway I could get this kind of software scanner on android to check all my apps? Also the website is limited to apps that smaller than 100mbs so even if I wanted to just upload every APK I have on my device that wouldn't be possible. I also checked these apks on virustotal and they didn't find anything wrong with them, like really no red flags at all on them on virustotal. Or at the end of this am I just being too paranoid?
don't think it's necessary to additionally run apps downloaded / installed from Google Play Store through a malware scanner: Google does that by themselves.
spart0n said:
access to files, contacts, emails and to send and receive them, to record audio from multiple inputs, and track my internet usage. How is this possible?
Click to expand...
Click to collapse
Two words: Android, Google
Can you name a few apps with "disturbing results"?
Not sure but I get the impression that
https://www.hybrid-analysis.com/
is just another FUD to sell their "services" and it's growing nicely... but don't get me wrong such scanners are not useless per se. And the more, the merrier
https://f-droid.org/packages/org.adaway/
results in 35/100 threat score and is labeled as gray. Looking forward to feed their machine with some real bad apples...
Looking up the company leads to a German GmbH (aka Ltd) and further to CrowdStrike in the US.
https://en.wikipedia.org/wiki/CrowdStrike
xXx yYy said:
malware scanner: Google does that by itself
Click to expand...
Click to collapse
And here is how much I trust Google:
<>
Yes, it's an empty list