The page may not load correctly.
Name Length Field is a vulnerability in Google Android that theoretically enables cybercriminals to modify the application’s program package by embedding malicious functionality without damaging the digital signature. Applications for Google Android are distributed as files with .APK extension that are basically ZIP archives containing all components required for the application’s functioning. The vulnerability is caused by the particular methods of the Android operating system’s processing of the APK files’ contents during the application’s installation.
Dr.Web anti-virus for Android detects and removes malicious programs that use the Name Length Field vulnerability just after the beginning of the installation process. Thus, Dr.Web users are effectively protected from such Trojans.
Programs' installation packages for Google Android are files with the .APK extension, which, in fact, are common ZIP archives. Every application has its own digital signature. During the application’s installation process on the Android device, the APK archive’s contents are extracted and checked for compliance with the special list of archived files’ control sums.
To be able to use Name Length Field, it is necessary to implement certain changes into the structure of the program package. Moreover, the package should contain two files with the same name — an original file and a modified one. During such application’s installation, the original file is read by one of the Android’s operating system components. However, another component processes only the modified file, which is considered by the system the legit one.