App shielding solution AppCAMO-iOS strongly protects iOS apps from threats that may occur when running iOS apps, by not only providing RASP(Runtime Application Self-Protection) such as jailbreak detection, debugger detection, and emulator detection, but also providing additional RASP that detects Hestia Tweak & Shadow Tweak which bypass jailbreak detection, and the hacking tool Frida,
In this blog, we inform you that AppCAMO-iOS provides technology to detect Frida, the most used and powerful hacking tool by hackers.
 |
| Fig.1 App Security Solution AppCAMO-iOS Features |
Frida is a Dynamic Binary Instrumentation (DBI) framework that can monitor and modify the behavior of running apps, allowing to decrypt the encrypted source code of apps, to hook APIs and bypass jailbreak detection, and more. When diagnosing vulnerabilities in mobile apps or when hackers attempt hacking, Frida, a relatively easy-to-use and powerful hacking tool, is often used.
 |
| Fig.2 FRIDA Logo |
Hackers or attackers can use scripts written in Frida to find vulnerabilities in iOS apps and make them perform their desired functionalities, putting iOS apps at risk.
There are various ways to detect Frida
(Frida library detection, Frida server detection, Frida binary detection, Frida
segment detection, etc.) that provide jailbreak detection bypass for iOS apps.
Among them, two that are available on GitHub are as follows.
Check whether the Frida library is loaded in the process.
This detection method starts by checking which dylib is currently loaded by calling functions such as _dyld_image_count() and _dyld_get_image_name(). This method makes it extremely difficult to patch dynamically because the patches themselves are part of the dylibs.
 |
| Fig.3 Frida Detection Example 1 |
Check if the process has been tampered with
This detection method detects Frida by checking code integrity.
 |
| Fig.4 Frida Detection Example 2 |
The above Frida detection methods are
already known technologies. AppCAMO-iOS' Frida detection combines and
integrates several technologies to ensure that Frida detection cannot be easily
bypassed. The more diverse and complex the Frida detection methods are, the
more difficult it is to bypass them. AppCAMO-iOS provides highly advanced Frida
detection.
App
security solution AppCAMO provides Multi-Layered Protection that strongly
blocks app hacking, and has world-class app security technology by providing
app hacking detection even during runtime. We are expanding our sales not only
domestically but also to overseas markets such as Southeast Asia and the United
States.
If you are interested or have any questions
about this solution, please contact us below at any time.
Mail: appcamo@appcamo.com
Phone: +82-2-6951-3296
www.appcamo.com
No comments:
Post a Comment