I downloaded an apk from mobilism and before I install it, how do I go about ensuring it’s not malware or an unsafe app? I’m all for buying apps but I hate all these subscriptions…
Android is not really at risk when using an up to date os and not giving the app sensitive permissions. Android apps are sandboxed and canot do much without permissions. If you want to be sure, use virustotal as other recommended in the thread. Also maybe avoid sketchy sources
I usually analyze apps using apktool (some are obvious), and install on the phone and block the app’s internet connection. Not sure how it works for your device but I’m able to block it in Settings on LineageOS 18.1.
I use App Manager (f-droid) to look at the app for permissions, trackers, and activites that look sketchy for the app to be using.
Unzip the apk and look through the filesystem. Some malware will be obvious.
Install the APK on an android development vm and use it for a bit. Maybe give it a week to start showing ads and stuff. Maybe try capturing network traffic and try to determine if it’s legit.
If you don’t need network access use netguard or some other local firewall to disable network traffic for the app and just use it normally
Back up your important stuff and be ready to wipe your device if you notice any bad behavior. Of course some malware doesn’t show itself at all, so you may never know.
I downloaded an apk from [random sketchy site]
🙄
Mobilism is not some random sketchy site. It’s been a very popular forum for many years now. It has strict moderation and reputation-based profiles.