216.73.216.133

New Android Malware Campaigns Evading Detection Using Cross-Platform Framework .NET MAUI

· Published 25/03/2025 18:56 · Modified 25/03/2025 19:20

Export JSON

Essential information

Published
25/03/2025 18:56
Modified
25/03/2025 19:20
Tags
2025-03-25 android fake apps net maui
Related entities
13 observables, 9 techniques (mitre), 5 others

Description

Cybercriminals are exploiting ., a cross-platform development framework, to create malware that evades detection. These threats disguise themselves as legitimate apps, targeting users to steal sensitive information. The malware campaigns use techniques such as hiding code in blob files, multi-stage dynamic loading, and encrypted communications to avoid security measures. Two examples are discussed: a fake bank app targeting Indian users and a fake social media app targeting Chinese-speaking users. The latter employs advanced evasion techniques like excessive permissions in the AndroidManifest.xml file and encrypted socket communication. Users are advised to be cautious when downloading apps from unofficial sources and to use up-to-date security software for protection.

External references