DroidMorph Shows Popular Android Antivirus Fail to Detect Cloned Malicious Apps


Level 75
Content Creator
Malware Hunter
Aug 17, 2014
A new research published by a group of academics has found that anti-virus programs for Android continue to remain vulnerable against different permutations of malware, in what could pose a serious risk as malicious actors evolve their toolsets to better evade analysis.

"Malware writers use stealthy mutations (morphing/obfuscations) to continuously develop malware clones, thwarting detection by signature based detectors," the researchers said. [PDF] "This attack of clones seriously threatens all the mobile platforms, especially Android."

The findings were published in a study last week by researchers from Adana Science and Technology University, Turkey, and the National University of Science and Technology, Islamabad, Pakistan.

Unlike iOS, apps can be downloaded from third-party sources on Android devices, raising the possibility that unwitting users can install unverified and lookalike apps that clone a legitimate app's functionality but are built to trick targets into downloading apps laced with fraudulent code that are capable of stealing sensitive information.


Level 51
Content Creator
Apr 24, 2016
From that article:


Most popular AV's detect it 🤔

Never heard from most that don't detect it...