Konfety Returns: Classic Mobile Threat with New Evasion Techniques zimperium.com/blog/konf…

As part of our ongoing mission to identify emerging threats to mobile security, our zLabs team has been actively tracking a new, sophisticated variant of a well-known malware previously reported by Human. This Android-targeted malware, named Konfety, employs an “evil-twin” method to conduct fraudulent activities.

The threat actors behind Konfety are highly adaptable, consistently altering their targeted ad networks and updating their methods to evade detection. This latest variant demonstrates their sophistication by specifically tampering with the APK’s ZIP structure. This tactic is designed to bypass security checks and significantly complicate reverse engineering efforts, making detection and analysis more challenging for security professionals.