"Mobile apps are very vulnerable to hacking because the source code of the app is easily exposed as a decompilation tool(reverse engineering tool). AppCAMO uses AppCAMO's static analysis prevention technology(code hardening) and dynamic analysis prevention technolog(RASP: Runtime Application Self Protection) when hackers try to hack mobile apps by static analysis and dynamic analysis. It protects mobile apps safely by thoroughly blocking hacking. AppCAMO-Android provides more than 20 static analysis prevention technologies and dynamic analysis prevention technologies that comply with OWASP, and AppCAMO-iOS provides more than 14 static analysis prevention technologies and dynamic analysis prevention technologies."
Mobile app shielding solution AppCAMO has proven its stability and security by being used in thousands of apps and 35 million smartphones every year through strategic R&D partnerships with large companies in Korea from 2014 to now. In addition to mobile carriers, customers continue to expand to fintech companies, financial companies, government agencies, large SI companies, physical security companies, railway companies, telecommunication service companies, software development companies, app development companies, government organizations, and local governments. In addition, we have been promoting overseas business and producing results in Southeast Asia since 2019.
 |
| Fig. 1 Mobile App Shielding Solution AppCAMO 4-Layered Protection Technology |
Today, we would like to tell you a security story about a service app in Southeast Asia that is similar to KakaoTalk in Korea. In Southeast Asia, apps are frequently hacked, so many cloned apps are used. In the case of F* app in Southeast Asian country, there are many duplicate apps, so internet phone traffic is high, but ARPU(average monthly subscriber revenue) is continuously falling. A major wireline operator which was providing internet phone service with this app requested app security consulting from AppCAMO, Inc., and AppCAMO, Inc. provided the following consulting.
 |
| Fig. 2 Android App Security Solution AppCAMO-Android Security Technologies |
In the case of an attack using an already exposed SIP server address or an attack using the API integration method, server security is required first, so securing only the app may not be effective in the attack. Therefore, we first identified how the hacker was attacking, and then took security measures in a way that suits the attack.
If AppCAMO technology is applied to the F* app, it prevents exposure of the server address, the method of interworking with the server, and the algorithm, and prevents the damage of using a tampered app for free. However, it was emphasized that complete security cannot be achieved unless the servers are changed together.
First, we identified the types of hacker attack. Here are the types of attacks:
The first is that the existing F* app was not secure, so a tampered F* app was distributed to users, and abnormal traffic was generated through this app.
Second, the hacker decompiles the existing F* app and creates a third app using the interworking method such as the server address or the format of data exchanged with the server, resulting in abnormal traffic.
Third, when you normally log in to the server using the existing F* app, the SIP server address received from the server was disclosed, and free traffic occurred through other SIP apps.
These types of attack have been identified and the following actions have been taken.
- Change the API server address that works with the F* app
The new version of the F* app has configured a new API server to communicate with, and the address and port used also need to be changed. If possible, we recommend using a different address and port for the SIP server.
- Launch a new F* app that communicates with a new API server
At this time, AppCAMO Code Hardening technology such as code encryption, string encryption, decompile prevention, and repackaging prevention, and AppCAMO RASP technology such as tampering detection, debugger detection, rooting detection, emulator detection, Frida detection, and Magisk/Magisk Hide detection must be applied.
- When communicating with the server in the new F* app, it is recommended to use HTTPS protocol and apply SSL pinning technology.
- Stop using the existing API server and F* app for a certain period of time.
 |
| Fig. 3 iOS App Security Solution AppCAMO-iOS Security Technologies |
In summary, by releasing a new server and a shielded new app, the server and information exposed through the existing F* app without security technology were invalidated. Through the new app to which AppCAMO, the mobile app obfuscation solution, was applied, it was possible to block the exposure of the method of interworking with the server and the exposure of the API address, and to prevent tampering of the app.
As a result of monitoring for 3 months through a new server and a AppCAMO shielded new app, free traffic was blocked and ARPU recovered again. Through the successful application of AppCAMO, we were able to increase customer satisfaction.
"AppCAMO-Android provides 4 Layered Protection Technology that fundamentally blocks app hacking, and has world-class app security technology by providing app hacking detection and prevention technology even at runtime. We are expanding our sales not only in Korea, but also in overseas markets such as Southeast Asia and the United States."
If you are interested in this solution or have any questions, please feel free to contact us below.
Mail : appcamo@appcamo.com
Tel : +82-2-6951-3296
Home Page : www.appcamo.com
No comments:
Post a Comment