what i learn:
The most successful transition to spreading .apk-based consumer malware requires working with active developers who can design basic applications using j or kotlin. For example, you can publish an app on the Google Play Store
Then, installed on the device, once the user opens the app, it gets real-time "updates" and replaces the updates with your malicious .apk from the external server.
There are two very important points, which greatly affect the success rate:
1.It's better to have an older developer certificate. Corporate developers are better than individual developers
2.It is very important to ensure that your malware never touches the Google Play Store
The most successful transition to spreading .apk-based consumer malware requires working with active developers who can design basic applications using j or kotlin. For example, you can publish an app on the Google Play Store
Then, installed on the device, once the user opens the app, it gets real-time "updates" and replaces the updates with your malicious .apk from the external server.
There are two very important points, which greatly affect the success rate:
1.It's better to have an older developer certificate. Corporate developers are better than individual developers
2.It is very important to ensure that your malware never touches the Google Play Store