How to Protect Android Apps Against FjordPhantom

Last updated January 29, 2024 by Appdome

Learn to Detect FjordPhantom in Android apps in mobile CI/CD with a Data-Driven DevSecOps™ build system.

What is FjordPhantom?

FjordPhantom is a malicious malware designed to target banking apps by leveraging a combination of virtualization techniques, dynamic code injection, and a variety of Java and POSIX API hooking techniques. Spread primarily through email, SMS, and messaging apps, it combines app-based malware with social engineering to defraud banking customers.
Victims are prompted to download an app that resembles their bank’s legitimate app. In reality, the downloaded app encapsulates the original bank’s Android app and runs it in a virtual environment with additional components that help with bypassing traditional safeguards thus allowing attacks on the app. The malware enables the attacker to monitor the user’s actions, and either guide the user to perform a transaction or utilize the process to steal credentials. The attacker then uses these credentials to launch additional attacks.

How Does Appdome Protect Against FjordPhantom?

Taking all the above into consideration, Appdome ensures that your Android app remains protected against FjordPhantom using the following protection methods:

  1. Anti Virtualization
  2. Detect Hooking Frameworks
  3. Prevent Code Injection

To learn more about how to activate these security protections in your mobile apps, please refer to the related articles section of this knowledge base article.

Related Articles:

If you have any questions, please send them our way at or via the chat window on the Appdome platform.

Thank you!

Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project.


Want a Demo?

Know Your Customer

AlanWe're here to help
We'll get back to you in 24 hours to schedule your demo.