Saturday, July 2, 2022

AppCAMO blocks threats such as root detection bypass and hooking caused by Frida or Magisk/Magisk Hide/Magisk Delta


"App obfuscation solution AppCAMO-Android provides additional RASP technologies such as Magisk detection, Frida detection, API hooking prevention, and memory hacking prevention as well as basic RASP technologies such as rooting detection, tampering detection, debugger detection, and emulator detection. Through these various RASP technologies, AppCAMO-Android strongly protects apps from hacking threats that may occur when running apps."


Currently, most app shielding solutions provide basic RASP (Runtime Application Self-Protection) technologies such as root detection, tampering detection, debugger detection, and emulator detection. However, powerful hacking apps and tools such as Magisk/Magisk Hide and Frida can disable these technologies, which may leave apps vulnerable to hacking threats.

Magisk is a hacking app that disables the rooting detection technology by modifying or deceiving the files, permissions, and processes that are changed in the process of rooting so that they cannot be detected.



Frida is a dynamic binary instrumentation framework that can monitor and modify the behavior of a running app. It can therefore be used to decrypt the source code of an encrypted app and, as a hacking tool, to bypass rooting detection, etc.

Fig.1 Example of app hacking using Frida to bypass rooting detection


AppCAMO provides additional powerful RASP technologies as follows.


Magisk/Magisk Hide detection (blocks bypassing root detection)

Magisk/Magisk Hide is a hacking app that disables rooting detection by modifying or deceiving the files, permissions, and processes that are changed in the process of rooting so that they cannot be detected. Magisk detection is a self-defense mechanism that detects Magisk/Magisk Hide apps and prevents the app from being hacked by having the app shut itself down.


Frida detection (Hacking tool detection)

Frida is a tool used to test or fix problems by controlling apps running on various operating systems (Android, iOS, Windows, etc.), and is often used for hacking. With Frida, hackers can write scripts to change the behavior of an app to their liking. Frida detection is a self-defense mechanism that detects the execution of the Frida tool in the way recommended by OWASP and causes the app to terminate itself.
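As an added illustration that is not AppCAMO's code, the following C sketch shows one artifact check of the kind described in public OWASP mobile testing guidance: looking for Frida library names in the pathname field of the process memory map (/proc/self/maps). The marker names, function names, and sample map lines are assumptions constructed for this example.

```c
#include <stdio.h>
#include <string.h>

/* Assumed marker names from public OWASP guidance, not from this page. */
static const char *const MARKERS[] = { "frida-agent", "frida-gadget", "frida-server" };

/* Constructed sample in /proc/<pid>/maps format; addresses and paths are invented. */
static const char SAMPLE_MAPS[] =
    "7a1c000000-7a1c021000 r-xp 00000000 fd:00 1234 /system/lib64/libc.so\n"
    "7a1d000000-7a1d400000 r-xp 00000000 fd:03 5678 /data/local/tmp/frida-agent-64.so\n"
    "7a1e000000-7a1e010000 rw-p 00000000 00:00 0 \n"
    "7a1f000000-7a1f100000 r-xp 00000000 fd:03 9012 /data/app/com.example.app/lib/arm64/libfrida-gadget.so\n";

/* Returns 1 if the pathname field of one maps line contains a marker, else 0. */
int line_is_frida(const char *line) {
    int off = 0;
    /* Fields: address perms offset dev inode [pathname]; %n records where the pathname starts. */
    if (sscanf(line, "%*s %*s %*s %*s %*s %n", &off) == EOF || off == 0 || line[off] == '\0')
        return 0; /* empty, malformed, or anonymous mapping */
    for (size_t i = 0; i < sizeof MARKERS / sizeof MARKERS[0]; i++)
        if (strstr(line + off, MARKERS[i]))
            return 1;
    return 0;
}

/* Counts flagged mappings in a whole maps listing held in memory. */
int count_frida_mappings(const char *text) {
    char line[512];
    int hits = 0;
    while (*text) {
        size_t len = strcspn(text, "\n");
        size_t n = len < sizeof line - 1 ? len : sizeof line - 1;
        memcpy(line, text, n);
        line[n] = '\0';
        hits += line_is_frida(line);
        text += len + (text[len] == '\n');
    }
    return hits;
}

int main(void) {
    printf("sample: %d flagged mapping(s)\n", count_frida_mappings(SAMPLE_MAPS));
    return 0;
}
```

Name matching only catches unmodified builds, since a renamed agent or gadget library does not match these markers, so a check like this is one signal to combine with others rather than a complete detection.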


API Hooking Prevention

API hooking refers to intercepting a function that the app calls during its operation, so that a function defined by the hacker is executed when that function is called, the result value is changed, or the call parameters are recorded. Using API hooking with Frida, hackers can make certain features of the app malfunction. API Hooking Prevention is a self-defense mechanism that prevents hacking by having the app shut itself down when API hooking is detected in the app or when the app runs in an environment where API hooking is possible.


Memory hacking prevention

Memory hacking refers to reading a value that an app stores in memory while it is running, in order to extract information from the app or to change the value so that the app malfunctions. Using memory hacking with Frida, hackers can control the score and stats of a game app, or steal information exchanged with the server. Memory hacking prevention technology is a self-defense mechanism that detects an environment where memory hacking is possible in an app and shuts the app down to prevent hacking.


"App shielding solution AppCAMO provides Multi-Layered Protection Technology that strongly blocks app hacking, and has world-class app security technology by providing app hacking detection and prevention technology even at runtime. We are expanding our sales not only in Korea, but also in overseas markets such as Southeast Asia and the United States."


If you are interested in this solution or have any questions, please feel free to contact us below.

Mail : appcamo@appcamo.com

Tel : +82-2-6951-3296

Home Page : www.appcamo.com







