diff --git a/README.md b/README.md
index 11f8d7f..5565652 100644
--- a/README.md
+++ b/README.md
@@ -65,6 +65,7 @@ Credits
- Nex (@botherder) for extra databases (CC BY-SA 4.0)
- Amnesty International for extra databases (CC BY 2.0)
- Echap for extra databases (CC BY 4.0)
+- MalwareBazaar for extra databases (CC0)
- RecursiveFileObserver.java (GPL-3.0-or-later): Daniel Gultsch, ownCloud Inc., Bartek Przybylski
- GPGDetachedSignatureVerifier.java (GPL-2.0-or-later): Federico Fissore, Arduino LLC
- Petra Mirelli for the German/Spanish/Italian translations, the app banner/feature graphic, and various tweaks.
diff --git a/app/build.gradle b/app/build.gradle
index 1c0887e..d670df7 100644
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -6,8 +6,8 @@ android {
applicationId "us.spotco.malwarescanner"
minSdkVersion 16
targetSdkVersion 32
- versionCode 105
- versionName "2.32"
+ versionCode 107
+ versionName "2.33"
resConfigs 'en', 'af', 'de', 'el', 'es', 'fi', 'fr', 'it', 'pl', 'pt', 'ru', 'tr', 'zh-rCN'
}
buildTypes {
diff --git a/app/src/main/java/us/spotco/malwarescanner/Database.java b/app/src/main/java/us/spotco/malwarescanner/Database.java
index 892922a..1b0cccc 100644
--- a/app/src/main/java/us/spotco/malwarescanner/Database.java
+++ b/app/src/main/java/us/spotco/malwarescanner/Database.java
@@ -107,6 +107,9 @@ class Database {
signatureDatabases.add(new SignatureDatabase(baseURL, "eset.hdb.gz"));
signatureDatabases.add(new SignatureDatabase(baseURL, "eset.hsb.gz"));
}
+ if (prefs.getBoolean("SIGNATURES_MALWAREBAZAAR-ANDROID", true)) {
+ signatureDatabases.add(new SignatureDatabase(baseURL, "malware_bazaar.hsb.gz"));
+ }
if (prefs.getBoolean("SIGNATURES_CLAMAV-MAIN", false)) {
signatureDatabases.add(new SignatureDatabase(baseURL, "main.hdb.gz"));
signatureDatabases.add(new SignatureDatabase(baseURL, "main.hsb.gz"));
diff --git a/app/src/main/java/us/spotco/malwarescanner/MainActivity.java b/app/src/main/java/us/spotco/malwarescanner/MainActivity.java
index 7d1eb45..3386a4b 100644
--- a/app/src/main/java/us/spotco/malwarescanner/MainActivity.java
+++ b/app/src/main/java/us/spotco/malwarescanner/MainActivity.java
@@ -150,7 +150,8 @@ public class MainActivity extends Activity {
localizeDBDescription("ESET\n • SIZE: SIZE_SMALL\n • LICENSE: BSD 2-Clause\n • AUTHOR: ESET\n • SOURCE: https://github.com/eset/malware-ioc\n"),
localizeDBDescription("Targeted Threats\n • SIZE: SIZE_SMALL\n • LICENSE: CC BY-SA 4.0\n • AUTHOR: Nex\n • SOURCE: https://github.com/botherder/targetedthreats\n"),
localizeDBDescription("Amnesty Tech Investigations\n • SIZE: SIZE_SMALL\n • LICENSE: CC BY 2.0\n • AUTHOR: Amnesty International\n • SOURCE: https://github.com/amnestytech/investigations\n"),
- localizeDBDescription("Stalkerware\n • SIZE: SIZE_SMALL\n • LICENSE: CC BY 4.0\n • AUTHOR: Echap\n • SOURCE: https://github.com/AssoEchap/stalkerware-indicators")};
+ localizeDBDescription("Stalkerware\n • SIZE: SIZE_SMALL\n • LICENSE: CC BY 4.0\n • AUTHOR: Echap\n • SOURCE: https://github.com/AssoEchap/stalkerware-indicators\n"),
+ localizeDBDescription("MalwareBazaar\n • SIZE: SIZE_SMALL\n • LICENSE: CC0\n • AUTHOR: Abuse.ch\n • SOURCE: https://bazaar.abuse.ch")};
final boolean[] databaseDefaults = {
prefs.getBoolean("SIGNATURES_CLAMAV-ANDROID", true),
prefs.getBoolean("SIGNATURES_CLAMAV-MAIN", false),
@@ -158,7 +159,8 @@ public class MainActivity extends Activity {
prefs.getBoolean("SIGNATURES_ESET", true),
prefs.getBoolean("SIGNATURES_TARGETEDTHREATS", true),
prefs.getBoolean("SIGNATURES_AMNESTY", true),
- prefs.getBoolean("SIGNATURES_STALKERWARE", true)};
+ prefs.getBoolean("SIGNATURES_STALKERWARE", true),
+ prefs.getBoolean("SIGNATURES_MALWAREBAZAAR-ANDROID", true)};
Dialog databaseDialog;
AlertDialog.Builder databaseBuilder = new AlertDialog.Builder(this);
@@ -173,6 +175,7 @@ public class MainActivity extends Activity {
prefs.edit().putBoolean("SIGNATURES_TARGETEDTHREATS", databaseDefaults[4]).apply();
prefs.edit().putBoolean("SIGNATURES_AMNESTY", databaseDefaults[5]).apply();
prefs.edit().putBoolean("SIGNATURES_STALKERWARE", databaseDefaults[6]).apply();
+ prefs.edit().putBoolean("SIGNATURES_MALWAREBAZAAR-ANDROID", databaseDefaults[7]).apply();
});
databaseDialog = databaseBuilder.create();
diff --git a/app/src/main/res/values/arrays.xml b/app/src/main/res/values/arrays.xml
index 474c196..b838676 100644
--- a/app/src/main/res/values/arrays.xml
+++ b/app/src/main/res/values/arrays.xml
@@ -21,6 +21,7 @@
- • Nex (@botherder): Signature Databases
- • Amnesty International: Signature Databases
- • Echap: Signature Databases
+ - • MalwareBazaar: Signature Databases
- • RecursiveFileObserver.java: Daniel Gultsch, ownCloud Inc., Bartek Przybylski
- • GPGDetachedSignatureVerifier.java: Federico Fissore, Arduino LLC
- • Google: App Icon
diff --git a/fastlane/metadata/android/en-US/changelogs/107.txt b/fastlane/metadata/android/en-US/changelogs/107.txt
new file mode 100644
index 0000000..4c9738e
--- /dev/null
+++ b/fastlane/metadata/android/en-US/changelogs/107.txt
@@ -0,0 +1,2 @@
+* New database with 60k+ signatures from MalwareBazaar by abuse.ch
+* @Manuel-Senpai for updated Spanish translations.
diff --git a/scripts/0malware_bazaar-android.sh b/scripts/0malware_bazaar-android.sh
new file mode 100644
index 0000000..70407a9
--- /dev/null
+++ b/scripts/0malware_bazaar-android.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+#License: GPLv3
+#Description: Hypatia conversion script for https://bazaar.abuse.ch/export/csv/full/ (CC0)
+grep "\"apk\"" full.csv | awk '{ print $3 } ' | sed 's/^"//' | sed 's/",$/:0:MalwareBazaar/' > malware_bazaar.hsb;
+gzip *.hsb;