Konfety Returns: Classic Mobile Threat with New Evasion Techniques
NetmanageIT OpenCTI - opencti.netmanageit.com

SUMMARY :
A sophisticated variant of the Android malware Konfety has been identified, employing advanced evasion techniques. The malware uses dual-app deception, ZIP-level evasion, dynamic code loading, and stealth techniques to conduct ad fraud and redirect users to malicious websites. It tampers with the APK's ZIP structure to bypass security checks and complicate reverse engineering. The malware loads encrypted assets at runtime, concealing critical functionality. It mimics legitimate apps, hides its icon, and uses geofencing to adjust behavior by region. The threat actors behind Konfety are highly adaptable, consistently updating their methods to evade detection and target various ad networks.
OPENCTI LABELS :
android, konfety, caramelads sdk, ad fraud infrastructure