How to Block Overlay Attacks on Android apps?
Appdome is a no-code mobile app security platform designed to add security features, like Overlay Attack Prevention to any Android apps without coding. This KB shows mobile developers, DevSec and security professionals how to use Appdome’s simple ‘click to build’ user interface to quickly and easily prevent overlay attacks.
Appdome’s Block App Overlay Attacks feature detects if a malicious overlay screen is placed on top of the protected application’s screen.
Appdome blocks Overlay attacks such as Anubis, BankBot, StrandHogg, BlackRock, Cloak&Dagger, Ghimob, Ginp, and MazarBot.
————————————————————————————————————————————-
Threat Events for Block App Overlay Attacks
When Appdome detects an Overlay Attack, the application will exit/close in order to protect itself (as the default action). Alternatively, developers can use Appdome Threat Events to achieve different enforcement actions when Appdome detects a threat.
Using Threat Events, when a threat is detected by Appdome, instead of the app exiting/closing, Appdome will pass the event back to the mobile application to handle enforcement, according to the enforcement action that you select at the time you build/secure the app on Appdome.
Appdome Threat-Events use industry-standard notification methods to pass security events between Appdome’s detection layer back to the mobile application, informing the app anytime a malicious event is detected and passing along information related to the threat using a key-value pair format.
————————————————————————————————————————————-
To start receiving Threat-Events for Block App Overlay Attacks, you need to register your app to listen for Appdome events using the following Threat Event names (key)
Threat Event Name for Block App Overlay Attacks: OverlayDetected
Visit this Knowledge Base article for details on how to implement Threat Events in your mobile application, and to download the specific code that is relevant for your application’s development framework.
3 Easy Steps to Block App Overlay Attacks on Android Apps
Please follow these 3 easy steps to protect Android apps against Overlay Attacks
- Upload an Android app to Appdome’s no code security platform (.apk or .aab for Android)
- In the Build Tab, under Anti-Fraud Toggle on Block App Overlay Attacks (shown below)
- (Optional) You can customize the App Compromise Notification message that will be displayed to the mobile user when Appdome detects a threat.
- (Optional) Turn-ON the Threat-Events toggle for Block App Overlay Attacks and select the desired enforcement action (‘In-App Detection’ or ‘In-App Defense’).
- (Optional) Using the Trust Specified Activities Only feature you can exclude certain activities from overlay detection by listing the particular class name of the activity you wish to exclude in the input box.
- Click Build My App
Congratulations! The app is now protected against Overlay Attacks.
Appdome’s no-code mobile app security platform offers mobile developers, DevSec and security professionals a convenient and reliable way to protect Android apps against Overlay Attacks. When a user clicks “Build My App,” Appdome leverages a microservice architecture filled with 1000s of security plugins, and an adaptive code generation engine that matches the correct required plugins to the development environment, frameworks, and methods in each app.
Prerequisites to Block App Overlay Attacks
- Appdome account (If you don’t have an Appdome account, create a free Appdome account here)
- A license for Block App Overlay Attacks
- Mobile App (.apk or .aab for Android)
- Signing Credentials (e.g., signing certificates and provisioning profile)
No Coding Dependency
How to Sign & Publish Mobile Apps Secured with Overlay Attack Prevention
After successfully securing your app using Appdome, there are several available options to complete your project, depending on your app lifecycle or workflow. These include:
- Signing Secure iOS and Android apps
- Customizing, Configuring & Branding Secure Mobile Apps
- Deploying/Publishing Secure mobile apps to Public or Private app stores
Or, see this quick reference Releasing Secured Android & iOS Apps built on Appdome.
How to Learn More
Here are a few related resources:
How to Stop Click Bot attacks, Click Fraud on Android apps
How to Prevent abuse of Android AccessibilityService for compromising Android apps
How to Block Magisk Hide, Protect Android Apps From Root Hiding
How to Prevent non-approved Android, iOS app store publishing
Check out the Appdome Mobile Fraud Prevention solution page or request a demo at any time.
If you have any questions, please send them our way at support@appdome.com or via the chat window on the Appdome platform.
Thank you!
Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.