With hackers releasing a new jailbreak tool for every iPhone or a rooting tool for every Android device, it’s no wonder mobile wallets are hacked so often. I knew many who had their funds taken despite thinking their phones were safe with them. In reality, hackers remotely accessed their funds through elevated privileges that the owners did not grant (or, in the case of malware, did not realize they had inadvertently granted). For a while, every time I went to a conference, I heard about someone’s mobile wallet getting hacked into.
In some cases, hackers may have jailbroken an iPhone or rooted an Android device, or they have unlocked the device. In other cases, malware may have tricked users into granting elevated permissions or privileges. In either case, the main goal of jailbreaking/rooting is for the attacker to gain administrative control over the target environment. With administrative control over the mobile operating system, the hacker has free rein to attack the user or any application running on the device. It’s the first step of a downward spiral for the mobile app, leading to illegal transfer of funds or harvesting of confidential data. The steps that follow are usually disabling security protections, intercepting sessions, tampering with app functionality, or accessing data stored unprotected inside the application, and jailbreaking/rooting makes each of these malicious tasks that much easier.
Tracking stolen funds in the cases I worked on with the FBI, though possible with products like the one I created for the crypto industry, didn’t always get the funds back. Even if the hacker could be identified, the hacker had to be in the US or in a jurisdiction that the US worked closely with for there to be any hope of funds being returned to the victim. The victims I worked with found out the hard way that protecting against theft and hacking is best.
Challenges Protecting Mobile Apps and eWallets against Jailbreaking and Rooting
While protecting against jailbreaking and rooting seems obvious, there are a number of practical challenges. While some challenges stem from the complexity of the problem, others have to do with embedding security in the process and organization. Some of the top challenges are:
- Coding jailbreak or root detection manually into the app may not be the first priority for an app developer. Nor is implementing an SDK straightforward. Both require time and expertise, things that many app developers may not have as they’re racing to get a new app to market. As a result, developers may wait until after they’ve developed all the functionality, when they don’t have much time left to spend learning how to code in jailbreak or root detection.
- Hackers can use any number of free tools to hide their tracks. To avoid detection, hackers use tools like Shadow, FlyJB and Checkra1n, among many others. Hackers are also always coming up with new tools and ways to jailbreak or root a device, often on the very day a new release is out.
- Once a device is jailbroken or rooted, the device itself won’t tell you it has been compromised. On a jailbroken/rooted device, the entire security model is considered to be compromised and you can’t trust any of the signals coming from that device, because on a compromised OS the attacker can alter any of those signals or disable other security protections.
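The first and third challenges above (hand-coding detection, and not being able to trust any single signal from a compromised device) are easier to see with concrete code. The following Android snippet is an added illustration, not Appdome’s code or code from the original post: a hypothetical `RootSignals` helper that collects several independent root indicators and returns them as a report rather than a single boolean. The su paths and root-manager package names are a constructed starting list, not an authoritative one.

```kotlin
import android.content.Context
import android.content.pm.PackageManager
import android.os.Build
import java.io.File

/**
 * Added example (hypothetical helper, not Appdome's code): gather several
 * independent root indicators instead of trusting one. Every indicator below
 * can be hidden by root-cloaking tools, so the app should record the whole
 * report and let the server, not the device, decide what to do about it.
 */
object RootSignals {

    // Common on-disk locations of the su binary. Constructed list; extend it
    // from your own findings.
    private val SU_PATHS = listOf(
        "/system/bin/su", "/system/xbin/su", "/sbin/su",
        "/data/local/xbin/su", "/data/local/bin/su", "/data/local/su",
        "/su/bin/su"
    )

    // Package names of common root managers (constructed list). On Android 11+
    // an app only sees these if they are declared in a <queries> element of
    // its manifest.
    private val ROOT_MANAGER_PACKAGES = listOf(
        "com.topjohnwu.magisk",
        "eu.chainfire.supersu"
    )

    data class Report(val indicators: List<String>) {
        val suspicious: Boolean get() = indicators.isNotEmpty()
    }

    fun collect(context: Context): Report {
        val found = mutableListOf<String>()

        // 1. Firmware signed with test keys, typical of custom ROMs.
        if (Build.TAGS?.contains("test-keys") == true) {
            found += "build.tags=test-keys"
        }

        // 2. su binary on a well-known path.
        SU_PATHS.filter { File(it).exists() }.forEach { found += "su-binary:$it" }

        // 3. Root manager app installed.
        val pm = context.packageManager
        for (pkg in ROOT_MANAGER_PACKAGES) {
            try {
                pm.getPackageInfo(pkg, 0)
                found += "package:$pkg"
            } catch (e: PackageManager.NameNotFoundException) {
                // not installed
            }
        }

        // 4. /system mounted read-write, which a stock device never does.
        //    (On system-as-root devices the partition of interest is "/".)
        val mounts = runCatching { File("/proc/mounts").readLines() }
            .getOrDefault(emptyList())
        val systemRw = mounts.any { line ->
            val parts = line.split(" ")
            parts.size >= 4 && parts[1] == "/system" &&
                parts[3].split(",").contains("rw")
        }
        if (systemRw) found += "mount:/system rw"

        return Report(found)
    }
}

// Usage from the app's startup path (telemetry is a hypothetical sender):
// fun onStart(context: Context) {
//     val report = RootSignals.collect(context)
//     if (report.suspicious) {
//         // Options the post lists: shut the app down, hand the event to the
//         // app's own logic, or forward it to an external threat-response system.
//         telemetry.send("root-indicators", report.indicators)
//     }
// }
```

Two design points follow directly from the challenges above. First, the helper returns the list of indicators rather than `true`/`false`, so that the decision can be made server-side where the attacker does not control the signal; on the device, a single boolean check at a single call site is exactly the kind of signal a compromised OS can flip. Second, none of these checks is conclusive on its own (a custom ROM can legitimately carry `test-keys`, and cloaking tools can hide su binaries and packages), which is why a real implementation layers many of them and keeps the list current as new tools appear.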
Making Jailbreak and Root Prevention DevSecOps Ready
Protecting against jailbreak and rooting is not just another security feature. It needs to be part of DevSecOps, the way organizations build security into each new release of their Android and iOS apps. Through DevSecOps, organizations don’t have to make tradeoffs between releasing new features and implementing mobile app security. They can have both because each group, whether development, operations or security, is coordinated in one continuous workflow.
- With Appdome, organizations can address the complexities of protecting against hackers who jailbreak or root devices in ways other solutions don’t offer. Beyond simple jailbreak and root detection, Appdome provides different ways to respond, from having the app shut itself down to protect itself, to passing the event back to the app or to an external threat response system to enforce. Appdome gives developers the flexibility to enforce the corrective action that fits their specific use case or threat response model. Furthermore, with hackers constantly evolving and attack surfaces constantly expanding, addressing the threat from external forces can be daunting. Appdome has the expertise and focus on the latest and most advanced jailbreak and rooting methods, as well as jailbreak and root bypass and root hiding/cloaking methods, to protect your apps now and in the future.
- With Appdome, organizations can automate the process of protecting against hackers who jailbreak or root devices. Instead of waiting until the end of app development, you can add iOS jailbreak prevention and Android root prevention at any point in your development process with a few simple clicks. No coding. No SDK.
- With Appdome, organizations are using security best practices in a workflow used by the largest companies in the world, with hundreds of releases each year. This workflow is flexible enough to enable disparate, global dev, security and ops teams to work together in a coordinated way that releases secure apps on time.
To embrace mobile DevSecOps and effectively protect against jailbreak and rooting, the entire organization must adhere to new, rapid release processes that meld the different disciplines, development, security and operations, into one continuous workflow. In the new DevSecOps workflow, it is critical that (a) each action be owned by the group most capable of completing it, and (b) each group be accountable, transparent and, for its part, deliver with certainty in the release process. Appdome comprehensively protects against jailbreak and rooting while at the same time enabling each group in the organization to deliver its part with certainty in the release process.
To see Appdome’s Jailbreak and Root Prevention in action, click here for a demonstration.