APKLab.IO (Avast)

Mobile Threat Intelligence Platform

APKLAB.io is a mobile threat intelligence platform (MTIP) designed to provide the most relevant information for Android™ security researchers.

It incorporateas reliable and fast automatic classifiers that examine every malware strain, categorizing like with like, and creating a more complete picture of each particular malware family (all its variants, etc.). Built into the platform coherent analyses of both static and dynamic flow, meaning the MTIP also studies the behavior of every malware strain while it’s dormant as well as active [2].

If a sample is suspected to be malicious, it is then processed by Avast’s in-house custom-built static analysis tool, and dynamic analysis sandbox. As the MTIP forms a complete picture of the sample, machine learning is being used to categorize it as either part of a known malware family or not. The sample then lives forever in the apklab.io database to help solve future malware strain mysteries[2].

[1] https://arstechnica.com/information-technology/2020/03/android-surveillanceware-operators-jump-on-the-coronavirus-fear-bandwagon/

[2] https://blog.avast.com/mobile-threat-intelligence-with-apklab.io