
New Obfuscation-as-a-Service Platform Offers Detection Evasion for Android

Security researchers reported that a new malicious service is enabling cybercriminals to improve their detection evasion mechanisms.

Called obfuscation-as-a-service, the service shows how “robust the cybercriminal economy is,” as pointed out by DarkReading contributing author Ericka Chickowski.

New obfuscation-as-a-service platform found by researchers

Cybersecurity researchers detailed this obfuscation-as-a-service platform during the Botconf 2020 virtual conference. Hackers succeeded in developing a fully automated service platform that protects mobile malware Android Package Kits (APKs) from AV detection. The service is available as a one-off payment or a recurring monthly subscription. It is translated into English and Russian, and has been open for at least six months this year, possibly longer.

The discovery of the service is a collaborative effort of several researchers from three companies: Masarah Paquet-Clouston (GoSecure), Vit Sembera (Trend Micro), and Maria Jose Erquiaga and Sebastian Garcia (Stratosphere Laboratory). The researchers decided not to reveal the exact name of the service so that its creators remain unaware of their findings. The team came across the malicious platform while analyzing the Geost Android banking Trojan. During their work, the team uncovered “leaked chat logs between Geost botnet operators referring to an obfuscation service and started poking around to discover what was being discussed,” Chickowski reported.

What does the service offer?

The obfuscation platform provides obfuscation for $20 per APK and $100 for 10 APKs. There’s also 30-day unlimited access for the price of $850. The research revealed more than 3,000 APK files submitted in VirusTotal obfuscated by the platform in 2020. It is noteworthy that this is not the only such platform, as the analysis uncovered several other competitors lurking in the underground market. However, this particular one is unique compared to others.

How efficient is the service in evading AV detection? Its quality can be rated as “medium”. The chances of detection are higher in less malicious apps, the researchers said in their presentation. However, this means that the service’s customers are authors of highly malicious applications, where the offered obfuscation can be most efficient.

If you’re interested in obfuscation and how it works, we invite you to read our article “Top 6 Advanced Obfuscation Techniques Hiding Malware on Your Device.”

Milena Dimitrova
