Posts

Showing posts from February, 2017

What is considered malicious for an APK?

It's been a few months since my last post and I thought that a post about what items might be considered suspicious in an APK would be good to have. There is only two main items that I can think of but should provide a researcher with an idea of when they might need to reverse an application to figure out exactly what it is doing. Permissions In order for applications to access certain features of an Android device they must request access to the corresponding permissions for that feature. Such as, if an application wants to send SMS it must request access to that feature. This is usually done on install. When you choose to install a new application the user has to grant or deny access. This is the only time a user is prompted to allow access as the application will not request permissions when running. This can be dangerous if you allow access to an application and do not know what it is actually requesting access to. Permissions are a good place to start with when trying to ...