A russian file labeled as a trojan? It must be perfectly safe. Or at least you’ll learn a valuable lesson.
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
Ko-fi | Liberapay |
This is clearly a trap. This hook is so shiny. Any idiot would know this. But I really want the bait! One bite won't hurt
Are russian files more likely to be malicious? I'm curious.
In the past (I.e. 90s to 2000), very yes. Nowadays I don’t know, but with the war and the spying stuff, I would still avoid such sources.
This reads the same as "hi, my friend saw my {dating app} date's photo up at the post office with the note that they were wanted for the murder of 16 different {my demographic}. Should I still go on a date with them to that remote cabin in the woods?"
From a .RU site no less...
Yeah. It's a lot safer to go on a date with someone who was wanted for the murder of just 1 or 2 different persons to that remote cabin in the woods, isn't it? :D
Find another source
I searched the entire list of "Android Cracked/Modded App Markets & Repos" but unfortunately no other site has this 1.3.2 modded version.
They seem to drop a library file not existing in the original apk in the filesystem:
/data/app-lib/com.freeholdgames.sproggiwood-1/libandroeedru.so
I wonder what is its' purpose..
I'm curious too. Since it has the same name as the site and the site is in the megalist, could it be safe?
probably to inject ads or toast messages when you launch the game
There's a decent write up on how Android 'dropper' malware functions here. TLDR - while the APK may be clean, it tries to trick you into installing a malware infected APK later in the install process or during a fake update.
Thanks. That dropper function looks dangerous. However, the first dropper campaign spotted by Threat Fabric at the beginning of October 2022, and this file was uploaded at 2020, so even if it's indeed malicious, it's probably a different bad guy I guess.
Malicious files can still be uploaded to trusted sites, but in general apks are well sendboxed so it's difficult to get a trojan on a non-rooted, up to date Android phone.
What is the apk supposed to be for?
It's a mod apk file for the game sproggiwood 1.3.2. The file seems to be modded by the site itself though, so if it's malicious I guess the site is not trustable.