Possible to Get Virus from APK?
also posted at hofo.
hey guys, first android phone here. Pretty excited. Quick (and stupid) question, I found a forum that has the hacked apk for the newest swype beta. I know, some of you guys are gonna say if i didnt sign up the legit way i shouldnt be using it but i was curious, can apk's have virus's or trojans? And if it does corrupt my phone, is it possible to just wipe the device as a fix or would it leave left over crap?
btw, my phones not rooted...
when i install swype it says allow app to "you personal info, read contact data, read user defined dictionary and phone calls, read phone state and identity"
11-19-2010 09:40 PM
Yes. An apk can be a virus cleverly disguised as a legitimate app. The jury is out on how many of these are still in the marketplace, mostly they were wallpapper apps that could collect your contacts. Use your own good judgement. Or if you don't trust that, look for an A/V app.
Personally, I just backup nAndroid daily, do what ever, restore backup if I messed up anything, manage / delete old backups.
i really appreciate the blunt answer sir. i decided to go ahead and install it. works fine. just paranoid something may be running in the background. apk was only 3.2mb. the other languages were stripped out. nice and light!
but if it does corrupt my phone, a simple factory wipe should fix it right?
Probably, yes. If you don't care about losing your data, that is.
Originally Posted by fruitycups
If you have the technical abilities, you can always wipe your phone to get back to factory fresh condition. However, rogue APKs can cause damage even if your phone is not rooted -- the several "one click root" applications can root your phone using an exploit. They do it with your permission out of politeness, not out of need.
Rogue APKs can access anything that you can access using your device. For example, they can read your email and look for passwords that have been sent to you, and they can upload them to a remote location. They can also trigger services you have accounts with to send a new password to your phone. These things are not known to have happened and so I don't wish to set off an unfounded panic, however a dedicated programmer could figure this out and there seem to be many such programmers in the world (who are mainly focused on Windows/IE attacks).
The bottom line here as I see it -- you're using an APK of questionable intent, for the purpose of reducing size on your phone (due to stripped languages)? If that's the only reason to place your trust in someone who has already demonstrated knowledge in how to break apart an APK and repackage it... why not get the official APK and hack out the extra languages yourself?
If you want to strip the extra languages yourself, you only need to be able to use the "adb" tool from the published Android SDK, the "apktool" application found easily online, and the Java jarsigner tool. Extract the APK file using ADB (if you don't already have it on your computer) -- the _real_ one, not the hacked one. Use apktool to deconstruct it. Delete the "res/values-[other languages]/*" files. Use apktool to repackage after you've deleted the pieces you don't want. Sign the new apk using jarsigner (using any signature you want). Then use ADB to install the new APK.
Using this process, you must uninstall the old APK; Android won't let you install a new APK if its signature is different than the existing one on the phone. You sometimes need to reboot the phone after uninstalling, but this may be based on how you uninstall.
If you want more details on how to tear apart and repackage the APK, post that and me or someone else will provide specifics. It's really not a difficult process though, and requires zero knowledge of programming.