Yoodley is reader-supported. When you buy through links on our site, we may earn an affiliate commission.
If you ever look over the Internet for the APK of an application that is not available on Google PlayStore or other pre-built application downloader on your device, you will stumble across APKMirror at least once.
If you haven’t used the website before, it is obvious for you to ask – Is APKMirror safe?
Downloading an APK or an Android Application Package can be a somewhat risky and equally daunting task if you do not source it from a safe and trusted application or website.
In the specifics of this article, we will discuss whether APKMirror is safe or not and a lot more on APKs and APK Downloaders, in general.
What is APKMirror?
APKMirror is a free-to-use service that allows you to download Android Application Package files or APK Files for various applications. APKMirror hosts an extensive library of APK files, some of which may not be available on Google PlayStore and other official application downloading services.
Launched in 2014, APKMirror is developed by the same people who have put work behind creating the incredibly popular android news and help portal, AndroidPolice. APKMirror and Android Police are both owned by Illogical Robot LLC, which is the umbrella company for both the applications.
You can find an application by its name and developer name on APKMirror. You can see detailed information about the app if you open it. You can also view the version detail, size, requirements, and uploaded date, along with the DPI of the application.
The signature that matches with the original application is shown on APKMirror as well. The user can download the app on their computer or mobile device with a scanning of the QR code. That is how easy and feasible the downloading of an application is made by APKMirror.
When you download an application through APKMirror (the APK file), and the application later receives an update from Google Play Store, the latest version of the application will be downloaded automatically.
Is the APKMirror Safe?
If we answer the question in all simplicity and briefness, yes, APKMirror is a fairly safe and reliable application website.
However, since APKMirror is a user-uploaded application website, there is always a risk. To eliminate and minimize this risk of safety and security, APKMirror ensures that every application uploaded on their website is manually checked by a team of professionals who vet the application on certain standards. This ensures whether the application is safe for usage on your device or not.
If you are sideloading an upgrade of an app from APKMirror (an upgrade which is not available on Play Store), the applications are matched with the existing versions of the same type. If they match, only then are the upgrades published on APKMirror. If not, the developer of the application is contacted from APKMirror’s end for validation and if the legitimacy of the app is not found, then APKMirror does not publish the upgrade, to begin with.
This means that all upgrades (especially those not available on Play Store) are vetted by APKMirror before being published. This is yet another evident assurance of how safe APKMirror is.
For any beta versions of applications you see on APKMirror, they are checked for safety as well. APKMirror also analyses the credibility of the description of the beta version of the application and also checks the license of the developer, if necessary.
Lastly, yet another way to know if any service or application is good or not (safe, in this context), the most assuring method is to check real user reviews. As for APKMirror, we went through a significant number of user reviews, and amongst the APK-downloading community, APKMirror has a stellar reputation, which also translates to it being tight on safety.
How does APKMirror ensure safety of the APKS?
How exactly does APKMirror ensure the safety of APKs that are put up on their website? Here is a list of measures APKMirror takes (as per the website itself) to ensure that the APKs on its website are safe to download and credible:
- APKMirror makes sure that new versions of the old apps have the same cryptographic signatures as the original ones, so we know if the uploaded files are legit or not.
- From the day it was introduced, APKMirror.com has been protected from what can be termed as ‘Janus vulnerability’.
- The site tries to match signatures of existing apps to new ones for new ones that haven’t been uploaded to the site. If there is a match, it means that the same key was used to sign a previously known legitimate app, and is therefore safe.
- They also try to get and compare a version of the same app from the Play Store or another verified location if they don’t see any matches to the APK uploaded. If it’s a beta, they will try to get into it. APKMirror also tries to get in touch with the developer if the team can’t get into the beta version of the application.
- As simple as it is, APKMirror will not publish a new application if they can’t verify its legitimacy.
Is APK splitting supported by APKMirror?
APK splitting can’t be supported by APKMirror at the moment. This is done because APKMirror understands it is important to make sure that everything is collected correctly and that the installation is simple for everyone. All the parts that belong to the application, including the base, are thus guaranteed to be included at APKMirror.
You can find updates and upgrades of the apps here if you like the newer one, as well as older versions to help you uninstall the newer one if you don’t like it.
Besides APKMirror not allowing the splitting of APKs, it also checks the credibility of every new upload by any developer, while looking for a cryptography signature in case of an upgrade to a previously hosted application on APKMirror.
Another advantage of not supporting splitting APK is that the functionality of the app will not be affected if the apk file is deleted, since the APK file is installed in the system.
How to check if an APK File is safe?
The amount of control given to users by the Android’s OS is one of the things that makes it such a great operating system. On the other hand, if you want to install apps on an iPhone or any iOS device, you have to either download them from the App Store or use a tool to modify the phone, or jailbreak it.
With Android, however, you can sideload an application if you do not wish to use Google Play for the same, or the application is not available on Play Store.
You can do this by copying the app on your phone, enabling unknown sources in the privacy settings, and installing the app that’s been packaged in the APK file.
However, the one disadvantage of this level of simplicity and accessibility to sideload applications is that you are always at a risk of downloading unsafe applications on your phone.
Downloads via the Google Play service are the safest option for users of the Android operating system. If you don’t use Play Store, you’re more likely to have a potentially harmful application on your device, based on the data from the Android security team.
Be it APKMirror, or any other safe third-party application downloader, taking precautions of your own to protect the device you are downloading the application on is your safest bet.
At the base of all precautionary measures is the ability to understand which APKs are safe. To determine which APKs are safe, there are two checks that you can run:
- Virus Check
- Hash Check
Here are a few simple ways to carry out the aforementioned tasks:
Checking the APK file for viruses, before extracting and installing the contents of the package into your device is indispensably important. There are a number of third-party applications as well as websites that let you scan the APK file to check for viruses and other issues associated with it.
Below we have enlisted two reliable tools that can effectively scan your APK file:
You can check your app files for viruses and other issues on the VirusTotal website.
There’s a lot of praise for VirusTotal’s effectiveness online. It is a non- commercial entity, and was acquired by Google in the last few years. The data is gathered from various tools and users and is summarized in the aggregated data.
The one caveat is that the all APKs you are looking to scan must be under 128MB, so if you have downloaded an APK for some game that has a large APK file, this tool will fall short on scanning it.
Follow the steps below to use VirusTotal:
- Open the site.
- Click on the option that says Choose File, then choose your file in the dialogue box.
- Click on the ‘Scan It!’ option to view the analysis of the APK.
NViso operates similarly to VirusTotal, but the major point of difference is that there’s no limit to the file size, and there is a detailed report on the file you have. This gives it an edge over VirusTotal. This tool is recommended by many forums and it works quickly and easily.
To use NViso, follow the steps below::
- Go to the NViso ApkScan site.
- The site functions with a drag=and-drop interface. Thus, drag the file you wish to scan and drop it onto the site.
- Click on ‘Scan package’.
If you like, you can leave the site by entering your email ID and tick the e-mail box. You will receive the results in your mail. The results are detailed, starting with a risk rating, and showing you the permissions that the app asks for, as well as general information such as its MD5 and SHA256 hashes, and file size, helping verify the authenticity.
You can check the hash of the app to see if it’s the right one. If the app you’re looking for has its SHA publicly mentioned by the developers, you can compare that with the SHA of the app you have. You’re safe if the two matches are close.
If you want to look up the information on hash for your APK using NViso, but if you need it done on your phone, you can use Hash Droid:
To use Hash Droid, follow the steps below:
- Install Hash Droid from Google Play.
- Launch the app and select ‘Hash a File’.
- Now, select the option ‘Select a hash’; choose SHA-256.
- Choose the APK file you want to check, and finally click on ‘Calculate’.
This will show you the long string that looks similar to the one you see below:
That is the original Pokemon Go hash, in case you are wondering!
You can use this method to see if the app is safe to install and compare the hashes of APKs and what the publishers have revealed.
The users uploaded their applications on APKMirror, thus, it is possible for the files to be manipulated and corrupted. However, to eliminate this risk, every APK on their website has been checked by APKMirror. They have software that checks for malicious activity as well as staff that physically checks the application to make sure it is safe to run on your device. Thus, it is safe to say that APKMirror is one of the safest and most reliable third-party application downloading websites.