Stop Mobile Malware with Checksum Validation and Anti-Tampering

Stop Mobile Malware with Appdome

Security tips for mobile application developers

Mobile malware developers are creating malware at an increasing volume, velocity and level of sophistication. I guess it’s because they’re bad guys, it’s what they do – to steal a line from Harley Quinn. And honestly, they do it pretty efficiently. As with most forms of malware, these mobile malware increases aren’t going unnoticed. In fact, Shaun Waterman wrote about this increase in a September 2016 piece for Fedscoop: mobile malware had doubled since the beginning of the year.

The time to value and the risk vs. reward are simply too good for mobile malware developers to pass up. This has led more mobile app developers to embrace controls like anti-tampering and checksum verification to prevent mobile malware and to protect their apps.

What is mobile malware?

Mobile malware generally comes via a malicious app with the purpose of stealing information, dialing premium-rate numbers or simply making devices unusable. In many cases a legitimate app is modified to include malicious code. The malicious version of the app then masquerades as the legitimate app, lying in wait for users to download and install it. This can impact Android devices and iOS devices, even if they aren’t rooted or jailbroken. Malicious apps are distributed through official channels such as the App Store, Google Play and enterprise app stores. They are, of course, also downloaded through unofficial distribution sources such as BitTorrent.

So mobile malware developers get your apps, fill ’em with malicious code and distribute ’em to the world. You can’t easily prevent them from getting your app or even distributing your app. But you do have control over the “fill ’em with malicious code” piece. As a mobile application developer, you can make it very difficult to modify your apps successfully by leveraging security controls like checksum verification and anti-tampering.

Stop Mobile Malware with Checksum Validation

When you choose to add checksum validation to your app on Appdome, it builds your app with a checksum of the original, known, good version of your app. Then Appdome encrypts and embeds that checksum into the final, fused app. When the fused app runs it uses this checksum as an encryption key. That way if an attacker modifies your fused app and distributes it, the checksum validation process will fail and the app won’t run on the unsuspecting user’s device. Checksum validation is a feature in Appdome’s ONEShield app hardening solution.
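To show why a checksum used as a key makes a modified app fail, here is an added sketch of the general idea; it is not Appdome's code or its actual scheme. The file names, the `seal`/`unseal` helpers and the HMAC-based stand-in cipher are assumptions chosen so it runs on the Python standard library alone.

```python
import hashlib
import hmac
import os

def content_checksum(files):
    """SHA-256 over each length-prefixed path and its bytes, in sorted path order."""
    h = hashlib.sha256()
    for path in sorted(files):
        name, data = path.encode(), files[path]
        h.update(len(name).to_bytes(4, "big") + name)
        h.update(len(data).to_bytes(8, "big") + data)
    return h.digest()

def _subkey(checksum, label):
    return hmac.new(checksum, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    """HMAC-SHA256 in counter mode: a stdlib-only stand-in for a real cipher."""
    stream = b""
    for i in range((len(data) + 31) // 32):
        stream += hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(files, secret):
    """Build time: encrypt `secret` under keys derived from the known-good checksum."""
    checksum, nonce = content_checksum(files), os.urandom(16)
    ct = _xor_stream(_subkey(checksum, b"enc"), nonce, secret)
    tag = hmac.new(_subkey(checksum, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + tag + ct

def unseal(files, blob):
    """Run time: re-derive the keys from the files actually installed."""
    checksum = content_checksum(files)
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    want = hmac.new(_subkey(checksum, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise RuntimeError("integrity check failed: app content was modified")
    return _xor_stream(_subkey(checksum, b"enc"), nonce, ct)

# Constructed sample app contents (not a real package); the sealed blob is kept outside them.
GOOD_APP = {"classes.dex": b"\x64\x65\x78\x0a original code",
            "res/config.json": b'{"api": "https://api.example.invalid"}'}
SEALED = seal(GOOD_APP, b"startup-critical data")

def runs(files):
    try:
        return unseal(files, SEALED) == b"startup-critical data"
    except RuntimeError:
        return False  # wrong keys: the sealed data stays locked
```

Because the key is never stored and only exists as a function of the shipped bytes, changing or adding any file leaves the sealed data unreadable rather than merely tripping a comparison that could be patched out.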

Stop Mobile Malware with Anti-Tampering

Anti-tampering, as the name implies, is a ONEShield App Shielding feature that can be added to your app during the build process. Anti-tampering can detect if your app has been tampered with. It can prevent modifications of your app’s content and app binaries by encrypting your app’s application files, resources and assets.

Anti-tampering can also detect logic modifications at run-time. In the simplest terms, your app is supposed to execute following the structure A-B-C. But it has been maliciously modified and now follows the structure A-C-B or Z-A-X. Your fused app will detect the modifications and disallow the app from running. This is a great way to help ensure that the app you wrote is the app being used without malware or other malicious modifications added. In short, it helps in keeping the bad guys out.

Thanks for reading! This blog is part of a series focused on security tips for mobile application developers. While it’s not intended to be an exhaustive analysis of security issues or the Appdome platform, it’s my intent to use this blog series as a platform to help mobile application developers become more security-aware. I hope you found this information useful. Happy fusing!
