Microsoft-related security exploits blind space to avoid detection of Android malware

The new Android Malware is using Microsoft K. to fly under the radar in a new cyber security dust-up this week. Disguised as actual services such as Indian and Chinese speaking users targeting banking and social media apps, malware is designed to achieve access to sensitive information.

Cyber ​​security experts with McAfee’s mobile research team say, while the danger is currently aimed at China and India, other cyber criminal groups can easily adopt the same method to target a comprehensive audience.

.NET Mau’s Hidden Danger: Bypassing Security

Microsoft launched .NET Maui in 2022, a framework that allows developers to create an app for both desktop and phone using C#, which now replaces retired XAMARIN tools. .NET Mau’s intention was to make it easy to create apps working in various platforms.

Typically, Android apps are made with Java or Kotlin, and their code is stored in a format called dex (delvic executable); Android security systems are designed to scan these dex files to look any strange. However, .NET MAUI allows developers to create an Android app with C#, and in this case, the app code ends in binary “drop” files.

Developed strategy of malware: drop benefits

These binary large objects or “drop” files are essentially raw pieces of data that does not necessarily follow any standard file structure. The problem here is that many current Android safety equipment – built to analyze DEX files – do not inspect the internal content of these drop files; This creates an important protection blind place, as malware can be quietly embedded inside these drops.

For cyber criminals, embedding malicious code from the beginning is far more effective than waiting to deploy it through an update. The ‘drop’ format enables such secret, immediate attack.

“With these stolen techniques, the danger can remain hidden for a long time, can be quite challenging in analysis and detection,” Warns Mcafee In your blog post on this subject. “In addition, the discovery of several variants using the same core techniques shows that this type of malware is becoming increasingly normal.”

See: Scam Alert: FBI is ‘looking fast’ malware was distributed in document converters

Security of your device: Safety researchers advice

It is always important to be careful where you get your apps, especially if you are not using the official app store. Researchers at MCAFEE have found that “… these platforms are often exploited to distribute malware by the attackers. It is especially related to countries like China, where the official app is restricted to the store, which users become more weak for such hazards.”

To deal with how quickly cyber criminals come with new tricks, McAfee strongly suggested that the user “install safety software on their equipment and keep it up -to -date all the time.” Originally, being cautious and good security in place are basic measures to stay safe from new hazards.