What are Android APK files and why do they put your smartphone at risk

Acronym for Android Application Package, they are archives with all the resources needed for apps to work, they can contain unpleasant surprises

When you want to install a program on a Windows-based computer you should look for a file with ".exe" extension, double-click on it and follow the installation procedure. In the case of an iMac or MacBook, you should look for a file with the extension ".dmg", double-click on it and follow the on-screen instructions.

In the case of smartphones the matter is different. When you want to install an application, you visit the online store (App Store for iPhone, Google Play Store for Android devices), click on "Download" or "Get" and wait for the system to complete the operation. This, at least, is what the vast majority of users are used to: few know that Android, like Windows and macOS, allows you to install apps outside the Play Store. All you have to do is download an APK file from a trusted source to your smartphone or tablet, open the file and follow the installation procedure.

What are Android APK files

Android APK files are the equivalent of ".exe" files for Windows or ".dmg" for macOS and allow you to install new software inside your smartphone or tablet. Acronym of Android Application Package, they are archive files in which you can find all the files and elements necessary for the installation and operation of the app you have chosen. There are several reasons why you might want to install apps from APK files on your device: maybe you are a software development enthusiast and want to test alpha or beta versions of your favorite apps; or you are looking for programs that are not available in the country where you live (not all apps available in the Play Store can be installed in Italy).

Unlike computer operating systems, however, installing APKs on Android is more complex than installing software. You will have to authorize the installation of apps from unknown sources (in fact, unofficial apps that are not always present in the Google Play Store), thus exposing your device to dangers of various kinds and nature.

Why Android APK files are dangerous

As it happens with computer software, to install APK files in Android you will need to download them from the Net. However, not all the sources you download from are reliable: it might happen that an APK file downloaded from an unreliable site hides malicious code. Simply put, an apparently "legitimate" APK file could be hiding Android malware that you're going to voluntarily install on your device.

It often happens, in fact, that hackers and cybercriminals "disguise" Android viruses and trojans inside APK files, passing them off as free versions of paid apps or something like that. The reason for this is simple: while apps in the Google Play Store are checked and scanned before being installed on the device, APK files downloaded from the web can be created by anyone and for any purpose. Permission to install apps from unknown sources further lowers the "defenses" of your Android smartphone or tablet, exposing it to possible cyber attacks.