Hey, fellow mobile malware researchers! During the #COVID19 crisis, lots of actors started to design apps aimed at phishing users into downloading and installing malware. We are therefore making our internal customized telemetry for Covid19 public, here:
apklab.io/covid19
Left a few things out -- the additional downloaded APK is: 2971c15d7534dffd37535535d5dba4479355f153 [SHA-1] via haeundaejugong[.]com | GET /data/app.php?type=apk&value=replace & the signing cert has been used for multiple apps: 2be2bc2a98e47e1468248f7ddcfd5ca3 [MD5] h/t @apklabio
dd8a5a1a8632d661f152f435b7afba825e474ec0d03d1c5ef8669fdc2b484165
efb92fb17348eb10ba3a93ab004422c30bcf8ae72f302872e9ef3263c47133a7
8a6889610a18296e812fabd0a4ceb8b75caadc5cec1b39e8173c3e0093fd3a57 samples can be downloaded from @apklabio or @koodous_project enjoy it ;-)
Another one:
play.google.com/store/apps/d…
Some of the nasty C2s: /vip.paramera.shop /grouplearn.shop /weathercycl.club /implemente.life
A good place to search is @apklabio
Warning to all Trezor owners using Android devices!
This app is malicious and has no relation to Trezor or SatoshiLabs. Please, don't install it.
Remember that you should never share your seed with anyone until your Trezor device asks you to do it!
Happy New Year from the APKLab.io Team!
What's new?
🎁 Support for Android 11. Now you can select from each binary (.apk) options, in which Android version you want to perform the analysis.
@avast_antivirus @AvastThreatLabs
Threat Intelligence:
iOS and Android "Shocking" scams spreading via TikTok - 7 apps with 2.4M downloads.
Some feature HiddenAds adware while others charge exorbitant amounts for fake 'Shock your friends' apps.
More details here: blog.avast.com/scam-apps-spr… kudos to @JVAvast
Avast's Mobile Threat Labs team, @apklabio discovered a #Cerberus banking #Trojan on #GooglePlay targeting Android users—disguised as a genuine app to access banking data of unsuspecting users. Avast reported it to Google so they can quickly remove it.
ava.st/3iMdLAb
Multiple versions have been uploaded before activation.
Uses a native library libcornflakes.so to drop/load the banker.
This lib is present in multiple versions of the app, at least since v1.0.17; it was removed again in later versions (1.0.24) and became active only recently.
Finally, after some struggling, we present to you the second part of the #GPS #trackers mayhem story. Control over vendor business interface: ✅, hiring botnet of #GSM capable devices: ✅, no #security: ✅, brands in disguise: ✅ bit.ly/2APFJd0 @avast_antivirus