3,000+ Android Malware Using Unique Compression Methods

Cybersecurity researchers at Zimperium zLab discovered an Android application package file (APK) that uses an unsupported decompression method to evade detection from anti-decompilation tools. Named “a.apk”, the file was identified in a tweet published by Joe Security. The APK can be installed on Android software versions above Android 9 Pie. Cybersecurity analysts found around 3,300 samples of the APK, which they noted were using the same ‘unsupported unknown compression’, with some too corrupted to load.