Press releases

Avast Threat Labs Debuts apklab.io -  an Intelligence-driven Threat Hunting Platform for the Security Analyst Community

apklab.io Provides Deep Intelligence on Android Malware from Over 145 Million Devices to Aid in the Detection, Discovery, and Eradication of Threats

apklab.io Provides Deep Intelligence on Android Malware from Over 145 Million Devices to Aid in the Detection, Discovery, and Eradication of Threats


Mobile World Congress, Barcelona, February 26, 2019 – Avast (LSE:AVST), a leading global cybersecurity provider, today announced the launch of apklab.io, a mobile threat intelligence platform (MTIP) designed to provide real-time intelligence for Android™ security researchers.

Apklab.io is the first platform of its kind to collect and make available intelligence from Avast’s global network of over 145 million mobile users to help researchers fight the growing threat of mobile malware. Apklab.io uses machine learning techniques originally developed to help Avast Threat Labs better hunt and track mobile threats and is now available to external threat researchers to improve the detection, discovery, and eradication of mobile malware.

“Fighting mobile malware in today's highly connected world is a tough challenge that cannot be solved by a single company alone,” said Nikolaos Chrysaidos, Head, Mobile Threat Intelligence & Security for Avast Threat Labs. “The industry needs a coordinated approach, where security vendors and the broader security community unite in their mission to beat cybercrime, so the cost and benefit ratio stays in our favor, and that's why we're making ApkLab.io widely available."

The insight from apklab.io has already lead to the discovery and delisting of more than 130 malicious applications from the Google Play Store. For example, in the case of the BankBot Trojan, the malware family tracking feature in apklab.io enabled Avast to identify and detect every sample of the virus that was being uploaded to Google Play within a matter of hours of them appearing.

Avast has developed reliable and real-time classifiers that examine every strain of malware, categorizing like with like, and creating a more complete picture of each particular malware family. The platform is designed to deliver coherent analysis of both static and dynamic flow, meaning it can study the behavior of every malware strain while it’s dormant as well as active. The platform currently analyses 20,000 samples every day.

In the last year, the Avast Threat Labs has tracked a 375 percent growth in Adware as a malware category; it now makes up more than 52 percent of all mobile threats today. Aggressive adware is malware that pushes or spams user devices with a large number of advertisements. The Avast Threat Labs saw an increase of 78 percent year over year growth in the category of mobile banking threats that try to trick the user into giving up their bank account details by pretending to be a legitimate banking application.

Qualified researchers, analysts, and incident response professionals are all eligible to apply for access to the apklab.io platform - all applications to join the platform are individually reviewed to maintain the integrity of the platform. The data feeding the platform comes from the devices that Avast protects as well as third parties and partners. These sources generate file samples which feed the apklab.io platform, whose first task is to assess if they are suspect or not.