Because all the malicious code in Tekya is native code. It’s a lot harder to analyze native code. Native code does not have all that-it’s a lower level language. Most applications implement javascript, accessing multiple instructions and APIs. “There’s nothing malicious about native code,” Hazum explains, “but in this case the entire malicious code within Tekya is in native code. The malware’s operators decompiled and cloned genuine, popular apps which were then renamed and put back onto the store with the adware mobile included. “The Tekya malware family went undetected by VirusTotal and Google Play Protect,” Check Point says.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |