AppCAMO-Android protects native apps written in Java or Kotlin, and apps built with frameworks such as Cordova, Ionic, and React Native, against hacking
Mobile applications or apps are fast becoming a popular channel for organizations to serve their customers. The variety of mobile devices at very affordable prices and availability of internet connection contributed to the overwhelming use of apps by millions of people. In doing so, apps have become critical to these organizations’ success and survival.
Unfortunately, hackers have discovered that apps can also be used for their criminal activities. Hackers can easily reverse engineer mobile apps, using decompilers to restore the original source code from your apps and insert their own code (often malicious or malware code) into them. The malware can do a variety of things, from simply displaying unwanted and nuisance advertisements to more serious actions such as stealing credentials, cloning, bypassing licenses, financial fraud, remote control, and more, each of which can lead to serious consequences.
Fig.1 Mobile App Hacking Threats
Fig.2 Mobile App Hacking Status
The Most Powerful Mobile App Protector against Hacking
AppCAMO-Android is a powerful app security solution that blocks hacking threats caused by reverse engineering and tampering by applying various app security technologies (decompilation prevention, encryption, obfuscation, repackaging prevention, etc.) in layers. AppCAMO-Android is easy and convenient to use: after uploading the APK or AAB file, you select and apply security technology options in the web browser with just a few clicks.
Over 20 App Security Technologies
AppCAMO-Android provides more than 20 security technologies that conform to OWASP (Open Web Application Security Project). They are divided into static analysis prevention (Code Hardening) technology and dynamic analysis prevention (RASP: Runtime Application Self Protection) technology.
AppCAMO-Android's static analysis prevention(Code Hardening) technology protects APK or AAB files against hacking :
Decompile Prevention : It prevents hacking by deterring the restoration of source code by the most popular decompilers such as APKtool, Dex2Jar, Jadx, and APKtool extensions. It is the second strongest app security technology after code encryption. By preventing the source code from being exposed, it can block the possibility of tampering and prevent the exposure of sensitive information like algorithms. Since it does not affect the running speed of the app, it is recommended to apply this technology to all apps. When reviewing an app security solution, it is imperative to ensure that it offers this technology.
Repackaging Prevention : It prevents hacking by causing errors during rebuild, even when the source code of an app has been extracted by a very powerful decompiler. It can greatly reduce the chances of the app being tampered with.
Name Obfuscation : There are class name obfuscation, method name obfuscation, and field name obfuscation. Obfuscation delays or prevents source analysis by making it difficult to analyze decompiled sources. Name obfuscation replaces the names of classes, methods, and member variables in the source code with meaningless values to prevent any semantics from being resolved from the identifiers. Because obfuscation technology basically assumes that there is a decompiled source, it is less secure than encryption technology or decompile prevention technology.
Code Encryption : It is the strongest app security technology and encrypts all DEXs(that is, all source code) so that the source code created by the developer is not exposed by the decompilers, and it decrypts and executes only in a safe environment during runtime. Android apps developed in Java or Kotlin are recommended to use it because most executable code is stored in DEX files. It encrypts components such as activities, services, intents, application classes, receivers, and content providers defined in the app's manifest file and all classes belonging to the app's package name defined in the manifest file.
String Encryption : It finds hard-coded strings such as server addresses, API keys, user accounts, and tokens in the source code of the app and encrypts them. It decrypts them only when the app is run in a secure environment. If a sensitive value such as a server address, an API key, a user account, or a token is exposed to a hacker, not only can the server be attacked, but other secondary damage may occur. Therefore, this security technology is recommended for all apps by default.
Resource Encryption : It encrypts resources in the asset folder, such as images, data files, JavaScript, HTML, and CSS, to prevent data leakage.
Hybrid App Encryption(JavaScript Encryption, WebView Encryption) : It encrypts a hybrid app (WebView) that uses frameworks such as Cordova and Cordova extensions, Ionic, or React Native. The hybrid app's critical behavioral logic is written in JavaScript, which resides in the resource area and is therefore not subject to name obfuscation or code encryption. In this case, this technology encrypts the JavaScript so that no code or data is exposed. Although it is highly secure and powerful, it is difficult to implement, so some vendors mainly provide JavaScript obfuscation or JavaScript string encryption.
Custom Hybrid App Encryption(Custom WebView Encryption) : It encrypts a custom hybrid app (WebView) that uses custom frameworks.
Debug Information Removal : It removes the relevant area on the DEX so that method parameter names, local variable names, and line numbers on the original source code are not exposed when an app is decompiled, and it makes source analysis more difficult.
Logcat Log Removal : It prevents the output of logcat log messages written by developers for debugging purposes while developing an app. It is recommended to remove the logs because the logs written by developers can expose sensitive information such as personal information entered by users, response messages received from the server, or server API addresses.
Depending on the characteristics of the app to which the app security technology is to be applied, you can select and apply the app security technology options that prevent static analysis as above.
AppCAMO-Android's dynamic analysis prevention(RASP) technology detects and blocks hacking threats while the app is running :
Tampering Detection : It checks whether the source code or the files of an app have been modified. It prevents the app from running if the app has been tampered with.
Debugger Detection : It prevents the app from running if an app is being debugged.
Root Detection : It prevents the app from running if an app is run on a rooted device.
Emulator Detection(Virtual Machine Detection) : It prevents the app from running if the app is run in an emulator.
Root Hide Detection(Root Cloaking Blocking) : Hacking apps such as Magisk/Magisk Hide disable root detection by modifying or disguising the files, permissions, processes, etc. that are changed in the process of rooting so that they cannot be detected. If it detects these, the app will shut itself down to prevent it from being hacked.
Hacking Tool Detection(Frida Detection) : It detects the execution of Frida and causes the app to shut itself down in the manner recommended by OWASP. Frida is a tool for testing and fixing problems by controlling apps running on various operating systems (Android, iOS, Windows, etc.). This tool is often used for hacking. With Frida, hackers can write scripts to change the behavior of the app as desired.
API Hooking Prevention : API hooking refers to intercepting a function that an app calls to perform a specific operation, so that a function defined by a hacker is executed when it is called, the result value is changed, or the calling parameters are recorded. Using Frida's API hooking technology, a hacker can make certain functions of an app malfunction. API hooking prevention is a self-defense mechanism that prevents hacking by self-terminating when API hooking is detected in the app or in an environment where API hooking is possible.
Memory Hacking Prevention : It detects environments in which memory hacking is possible and shuts the app down to prevent it from being hacked. Memory hacking refers to reading values that the app stores in memory while it is running in order to steal information from the app, or changing those values to cause the app to malfunction. Using Frida's memory hacking technology, hackers can adjust the scores and stats of game apps, or extract information from the server.
Screen Capture Prevention : It prevents screen capture of an app. With this technology, capturing the app screen is blocked, and important information displayed in the app can be prevented from being leaked outside. Use this technology if the app is developed for business and information should not be leaked outside.
Clipboard Copy Prevention : It prevents content in the app from being copied to the clipboard, so that important information displayed in the app can be prevented from being leaked outside. Use this technology if the app is developed for business and information should not be leaked outside.
Usage Time Control : It specifies the time during which an app can be executed. Outside the specified time, the app will be blocked from running. Use it if you want to limit the app to business hours only.
Depending on the characteristics of the app to which the app security technology is to be applied, you can select and apply the app security technology options that prevent dynamic analysis as above.
Solution Specifications
"AppCAMO-Android provides 4 Layered Protection Technology that fundamentally blocks app hacking, and has world-class app security technology by providing app hacking detection and prevention technology even at runtime. We are expanding our sales not only in Korea, but also in overseas markets such as Southeast Asia and the United States."
If you are interested in this solution or have any questions, please feel free to contact us below.
Mail : appcamo@appcamo.com
Tel : +82-2-6951-3296
Home Page : www.appcamo.com
