File name: com.bigos.androdumpper.apk
Size: 11MiB
Type: android
Mime: application/zip
SHA256: d2490fc5fc5a5f6fd9f58a8e3c488601367638d4dd9f3a5f892131dc50df9031
Last VirusTotal Scan: 11/17/2023 23:23:14
Last Sandbox Report: 11/17/2023 23:23:13
Malware Family: Luminati (not currently classified as malware)
0x1 Intro
Not all malicious (or at least dishonest) code can rightfully be called malware, even if the tactics used by the software in question are similar to or even indistinguishable from those of actual malware. The difference is in how they are used. And sometimes - as in this case - you can grant developers permission to turn your Android device into a hidden SOCKS proxy for paying customers.
One of my favorite methods of poking around on Android devices is to install a Linux chroot image on a rooted device so that I can make use of my favorite command-line tools. This gives me access to a full Linux distro on my device.
I recently discovered an Android app called AndroDumpper that seemed innocent enough. However, when first starting the application, you see this message asking you to agree to sharing some of your device's Wi-Fi and cellular data: