A whopping 60% of financial services apps on the Google Play Store may be easy targets of application repackaging or cloning attacks. That’s according to new research from app security engine Promon. Given the rising consumer interest in using banking apps, the results may be a reason to worry. Let’s delve in.
What’s application repackaging?
In application repackaging, criminals take existing software such as a mobile app and add their own code to it. This lets them modify the app’s functions and effectively repackage it. The repackaged app can then perform additional functions and potentially steal user login information.
How is Google Play Store being affected?
Based on an examination of 384 financial services apps, including banking, cryptocurrency and trading apps, Promon found that 236 were vulnerable to app repackaging. Some 154 of the vulnerable apps were banking apps. Of the 92 most downloaded financial services apps, 50% could be modified and repackaged.
Interestingly, vulnerabilities were fairly similar across different regions. For example, among the most popular apps in the US, 37 out of 54 could be repackaged. In the UK, some 45 out of 74 were vulnerable, and in India, 47 out of 69 could be manipulated.
So what did all the vulnerable apps have in common?
According to Promon, they all lacked features that could detect repackaging attacks.
“The susceptibility of APK files to tampering should be of great concern to the billions of users within the Android ecosystem who simply want to manage their finances from their mobile,” said Benjamin Adolphi, a software engineer at Promon who led the study.
- 60% of financial services apps on the Google Play Store may be easy targets of application repackaging or cloning attacks
- 236 of 384 tested apps were vulnerable to app repackaging
- Vulnerabilities were fairly similar across measurement regions