Most users who install applications through legitimate channels such as the Google Play Store or the Apple App Store do so with complete trust that their information is safe from malicious attacks. This makes sense, because they are the official app stores for users across the globe.

However, despite tight security measures by Google and Apple, cybercriminals still find ways to bypass these checks. They do this through app impersonation.

For instance, since Android lets users side-load and install apps downloaded from non-store sources, cyberattackers take advantage by creating clone apps that mimic legitimate ones. They then use the fake apps to collect data or credentials for malicious use.

An example was when India banned TikTok. A clone called TikTok Pro came up immediately with malicious intentions to steal data from users' devices. Attackers also took advantage of COVID-19 fears to collect user data through fake tracking apps.

Cybercriminals are capitalizing on the remote-work trend as more companies allow employees to access business applications through mobile devices. Additionally, personal internet networks rarely have the kind of security measures available within an office environment, such as firewalls, which creates ample room for attackers to scrape business data.

Below we look at ways to identify app impersonation, tools to defend yourself from attacks and measures to put in place for better security.

In addition to the examples given above, app impersonation occurs in many other ways. Remember, the sole nefarious intent of a cybercriminal is to access user data, backend APIs and business information. Below are the two primary app impersonation methods identified in 2021:

1. Hackers have found an opportunity through cloning applications by creating similar-looking applications that impersonate legitimate ones. Hackers collect sensitive information such as banking details, credit-card information and biometric information through the cloned applications.

As much as Google Play has implemented more robust security measures, they sometimes prove ineffective because this is purely a cat-and-mouse game: as soon as the rogue mobile apps get pulled out of the store, they come in again in another guise. Moreover, side-loading of apps is inadvisable but still happens, creating another attack vector.

Cybercriminals use the information they steal for malicious purposes like account takeover, redirecting payments or siphoning off rewards points. Or, the objective may be as simple as selling personal information on the Dark Web.

2. API Manipulation

API manipulation is a mechanism aimed at stealing business or personal data, or gaming a company's business for commercial gain. It is carried out by exploiting vulnerabilities or bugs in the APIs themselves, or by using valid credentials which have been stolen from other businesses – or bought on the Dark Web – in order to access back-end systems. Both attack vectors are based on scripts and use API keys which have been extracted from the mobile apps. Gartner's research estimates that APIs will be the leading attack surface by 2022.

These are the three main methods that have proven to be effective defenses against mobile app impersonation:

1. Many people believe that protecting mobile apps protects the APIs that they consume. In reality, a genuine mobile app is a hacking toolbox for bad actors, since they can use it to architect and implement fake versions of the app. Further, they can study the API requests and responses and quickly build a script which generates API sequences that are indistinguishable from genuine mobile app traffic. It is therefore important to consider API security separately from mobile app security.

Attackers know that if they can get a fake app installed on your mobile device, they can manipulate your intentions as well as extract valuable business and personal data. An effective API-protection tool must be able to verify that incoming API requests are coming from genuine mobile app instances which are operating in uncompromised runtime environments.

Utilize App Attestation

Preventing fake apps from entering the official app stores is probably impossible, as is stopping users from side-loading apps from other sources, but what can be done is to ensure that none of these bad apps can communicate with your backend systems. Mobile app attestation is a highly cryptographically secure method through which an app can be proved to be a genuine instance of the original app which was uploaded to the app stores.
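The backend-side check that app attestation enables, as an added example that is not code from the original article or from any attestation vendor: an (assumed) attestation service issues a short-lived token to an app instance that has proven it is genuine, and the API backend refuses any request that does not carry a valid token, even when the request presents the correct API key. The token format, the header names `X-API-Key` and `X-App-Attestation`, the HMAC secret, the app identifier and the request paths are all constructed for this illustration; a real deployment would rely on a platform or vendor attestation service and a key the backend trusts, for which the HMAC token here stands in.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed secret shared between the assumed attestation service and the
# API backend. Placeholder value for the example only.
ATTESTATION_SECRET = b"example-attestation-secret-do-not-use"

# The API key shipped inside the app binary. Because it can be extracted from
# the app, presenting it proves nothing about who is calling.
PUBLIC_API_KEY = "app-key-extracted-from-binary"

TOKEN_TTL_SECONDS = 300
GENUINE_APP_ID = "com.example.genuineapp"   # constructed app identifier


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(app_id: str, request_path: str, now: float,
                secret: bytes = ATTESTATION_SECRET) -> str:
    """Hypothetical attestation-service side: mint a short-lived token for an
    app instance that has just passed attestation. The token is bound to the
    app id and to the request it authorises, and signed with HMAC-SHA256 so a
    script that only holds the extracted API key cannot forge it."""
    payload = {"app": app_id, "path": request_path,
               "exp": int(now) + TOKEN_TTL_SECONDS}
    body = _b64url(json.dumps(payload, separators=(",", ":"),
                              sort_keys=True).encode())
    sig = hmac.new(secret, body.encode(), hashlib.sha256).digest()
    return f"{body}.{_b64url(sig)}"


def verify_request(headers: dict, request_path: str, now: float,
                   expected_app_id: str = GENUINE_APP_ID,
                   secret: bytes = ATTESTATION_SECRET) -> tuple:
    """Backend-side gate: return (accepted, reason) for an incoming request.
    The API key is checked first, but on its own it never grants access."""
    if headers.get("X-API-Key") != PUBLIC_API_KEY:
        return False, "missing or unknown api key"
    token = headers.get("X-App-Attestation")
    if not token or token.count(".") != 1:
        return False, "no attestation token"
    body, sig = token.split(".")
    expected_sig = hmac.new(secret, body.encode(), hashlib.sha256).digest()
    try:
        # Constant-time comparison; decode the payload only after it verifies.
        if not hmac.compare_digest(expected_sig, _b64url_decode(sig)):
            return False, "bad signature"
        payload = json.loads(_b64url_decode(body))
    except ValueError:
        return False, "malformed token"
    if payload.get("app") != expected_app_id:
        return False, "token issued to a different app"
    if payload.get("path") != request_path:
        return False, "token not bound to this request"
    if payload.get("exp", 0) <= now:
        return False, "token expired"
    return True, "genuine app instance"


def demo() -> dict:
    """Run the gate over constructed requests: one from an attested app, and
    several that mimic the traffic patterns the article describes."""
    now = 1_700_000_000.0          # fixed clock so the demo is reproducible
    path = "/v1/account/balance"   # constructed endpoint
    genuine = {"X-API-Key": PUBLIC_API_KEY,
               "X-App-Attestation": issue_token(GENUINE_APP_ID, path, now)}
    script_with_key = {"X-API-Key": PUBLIC_API_KEY}
    forged = {"X-API-Key": PUBLIC_API_KEY,
              "X-App-Attestation": issue_token(GENUINE_APP_ID, path, now,
                                               secret=b"wrong-guess")}
    stale = {"X-API-Key": PUBLIC_API_KEY,
             "X-App-Attestation": issue_token(GENUINE_APP_ID, path,
                                              now - 2 * TOKEN_TTL_SECONDS)}
    return {
        "genuine": verify_request(genuine, path, now),
        "script_with_extracted_key": verify_request(script_with_key, path, now),
        "forged_token": verify_request(forged, path, now),
        "expired_token": verify_request(stale, path, now),
        "wrong_endpoint": verify_request(genuine, "/v1/account/transfer", now),
    }


if __name__ == "__main__":
    for name, (ok, reason) in demo().items():
        print(f"{name:28s} {'ACCEPT' if ok else 'REJECT'}  ({reason})")
```

The design point is the one the article makes: the API key alone is treated as public, and the decision to serve a request rests on a per-request proof that only an attested instance can produce. Binding the token to the request path and giving it a short lifetime limits what a captured token is worth; in a real system the attestation service would also be the place to check that the runtime environment itself is uncompromised before issuing anything.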