The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Konfety Android Malware

Jul 28, 2025 3:08:29 PM / by The Hivemind posted in Threat Bulletin, Evolving Threat, Konfety malware, Android evasion techniques, ad fraud operations, secondary DEX files, runtime injection, mobile security analysis, hidden APK components, mobile threat evolution, dynamic code loading, malware obfuscation

0 Comments

Verticals Targeted: Not specified
Regions Targeted: Not specified
Related Families: Campaigns abusing the CaramelAds SDK

Executive Summary

Konfety, a longstanding mobile malware, has resurfaced with enhanced evasion capabilities, including dynamic code loading and multi-layered obfuscation, to facilitate ad fraud while evading detection on Android devices. This evolution underscores the persistent challenge of concealed malicious logic in mobile applications, demanding advanced scrutiny from security teams.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More