Please enable JavaScript.
Coggle requires JavaScript to display documents.
MOBILE APPLICATION ATTACK VECTOR (App vulnerabilities (Secure application…
MOBILE APPLICATION ATTACK VECTOR
Jailbroken/rooted devices
Bypassing OS control gives unrestricted access to all aspects and features on the device.
This is a double-edged sword.
App repackaging
This is a significant problem in the Android space. Rogue developers repackage legitimate apps with malware.
Users may still get the functionality of the original app and be unaware of the background malicious activity.
Drive-by downloads
This is a recent development in the mobile space, where accessing infected sites results in malicious apps being installed without user knowledge.
these sites are safe for regular browsers, but automatic download and installation of an application can be triggered while using smartphone browsers.
Apps from untrusted sources
It doesn’t get worse than downloading and installing and untrusted/unsigned repackaged app from non-regulated app marketplaces
Users take grave risks in installing apps whose provenance is unknown, via SD cards, third-party application stores or even as email attachments.
Operating system/device vulnerabilities
OS/device firmware vulnerabilities are often exploited by rogue developers while compromising devices.
use updated antivirus packages and ensure that devices are updated with all relevant OS and firmware updates.
App vulnerabilities
Secure application development for mobile platforms is still immature
Insecure coding can lead to apps acting as a conduit through which malware and attackers gain control of your device.
Reputed developers ensure that their apps undergo multiple levels of testing before release to minimize chances of compromise.