[TECH] MOBILE APP ANTI-TAMPERING SOLUTION – TAMPERING
Tampering refers to app counterfeiting and modulation, or to illegally changing mobile Apps and ‘Anti-tamper’ describes the technology that attempts to protect against those attacks.
Tampering includes any unauthorized alteration of a normal App by a hacker.
hackers pursue financial or non-monetary benefits by stealing the original technology as well as sales information that the app possesses or by illegally reselling or using unauthorized content of additional services.
the apps you tamper with will be distributed under the guise of being the official apps, thereby taking away user’s information and making illegal financial or non-monetary profits.
Furthermore, hackers tend to build their own business models by allowing the app users to acquire paid content without permission and providing the falsified app to users whom in need by receiving certain amount of money.Here are some real cases of actual damage caused by tampering attacks.
1. Illegal capturing of personal information of service users through app tamperingA) Installation of a falsified app using black market distribution or malicious code in order to steal personal information.2. Extortion of money and important goods of service users through app modulationA) Use of forged app to extort points and sensitive contents held by service users.3. Extortion and change of critical information for services through app modulationA) Adjustment of the level of game characters’ ability
B) Modulation of proxy apps to intercept calls that do not meet one's requirements
C) Modulation of apps to steal company source technology and critical sales information
D) Release of source technology of services or important events by a competitor4. Falsification of app in order to convert in-app ads into those of hackers’
the reliability of the service can be decisively blown if user's personal information being stolen from the service. Of course, these falsified apps are not available in the official app store, so they are being distributed through private stores, private web pages or malicious code called a black market.
usually appears in game money, game items, gift certificates, and financial apps, and can be a major impact on services as financial damage is immediately apparent.
(We didn't provide further explanation as many of you are already familiar with the cases.)
can lead to destruction of balance of the service or gain of illegal benefits.
For example, hackers improve the level of capability in games, illegally acquire property in games through automatic entry, and intercept calls from proxy driving apps. A vivid instance of app tampering is shown when numerous special offers become available at a lower price in the rival companies as soon as a special promotion of hotel reservation starts can also be an instance of app tampering.
is an example of hacking that is usually found in free apps, where overseas hackers connect the ads to their own advertising accounts to steal one of the main revenue from app services, advertising revenue. Such incidents can also deal a direct financial blow to service companies.
Today's advanced hacking techniques make it easy to bypass the old-fashioned, vulnerable tampering detection technology.
Using a combination of two to three defense technologies, including modified code to increase bypass difficulty or to prevent the app from operating normally can effectively block tampering attacks.
In addition, because most of these tamper-proof technologies remember and examine the current state of completed packaging,
they often do not support situations where apps are changed by the system at the time of app store deployment as like Google app signing.
Therefore, when choosing anti-tampering solutions and technologies, it's important to select a solution that is technologically advanced and flexible enough to respond to any situation.