Have you recently downloaded an APK file from a third-party website? After downloading the file you may have scanned the file for malware on Virustotal. The scan results on VirusTotal may have detected an issue called Android.PUA.DebugKey. Now, you’re curious to know about Android.PUA.DebugKey.
In this article, I will explain Android.PUADebugKey in simple terms and also answer all of your questions related to it. I will also show you the methods to fix this issue and how to stay safe while using third-party sources to download APKs. So, let’s begin…
What is Android.PUA.DebugKey?
Android.PUA.DebugKey is a warning that comes up after scanning APK files on online scanners like VirusTotal. It means that the APK you downloaded is using the debug signature provided by Android Studio. The debug signature provided by Android Studio is only used for testing purposes. Android developers sign their APK files with their personal signature before releasing their apps on Google Play Store.
Now, if you download a MOD APK file from a third-party developer then they use the debug signature provided by Android Studio. These mod developers cannot access the original signature used by the developer of the app they modified. So, in this case, you’ll see an error something like this:
Is Android.PUA.DebugKey a virus?
Are you worried that Android.PUA.DebugKey can be a virus? Most of the time, it’s not. As you know that Android.PUA.DebugKey is caused by unmatched signatures and doesn’t relate to any malicious activity. So, most of the time when VirusTotal detects Android.PUA.DebugKey in an APK file is considered a false positive. However, I am not saying that it is completely safe to use apps. Android.PUA.DebugKey detection means that the app is being modified and a malicious actor may have inserted some malware in the app. I would suggest you look for another APK and only install it if you trust the developer.
Is Android.PUA.DebugKey safe?
As you’ve already understood the meaning of Android.PUA.DebugKey is not very harmful. Most of the time, VirusTotal detection of Android.PUA.DebugKey is a false positive. So, you can consider it safe and install apps if they are from a trusted developer. It is mostly detected in a modified version of APK where the original signature doesn’t match with the developer.
How to Fix Android.PUA.DebugKey?
If you want to fix Android.PUA.DebugKey issue, follow this tutorial:
- Download the APK file on your Windows or Linux PC
- Install JDK and apktool on your Windows or Linux PC
- Move downloaded APK to apktool folder
- Run apktool.jar to extract code from APK
- Edit the strings.xml and classes.dex file
- Replace the debug signature with the original signature(if you have one)
- Compile the Project and you fixed Android.PUA.DebugKey successfully
If you do not have a PC, you can use apktool on Termux or just install ApkTool M on your Android phone. In APKTool M, you get a GUI version or apktool.jar which doesn’t require you to install Java to decompile an APK. It comes with a code editor that helps you to edit code right in the app and compiler the project. After compiling the project, you’ll get the modified APK file with original signature that you’ve replaced.
Found this tutorial is helpful then please share it on social media and public forums like Reddit. You can ask your questions and give feedback in the comments section below. Follow us on Twitter and Telegram for the latest news and updates regarding Android and Google.
If you have any exclusive news tips for us then please share them with us through email at [email protected]. You can also message me on Twitter for a quick conversation and send news tips.