Threats of reverse engineering

Many malevolent attempts to exploit mobile apps for illegal benefits heavily depend on reverse engineering. App-specific vulnerabilities can certainly be devastating if their presences are learned by at- tackers. For example, a previous version of Uber’s mobile app was found vulnerable and therefore can be exploited to get unlimited free rides [1]. On the other hand, besides those specialized threats, there also exist attacks that are generally applicable to many apps.

Common kinds of attacks

Intellectural property theft

This is a longstanding problem bothering commercial software developers. The piracy of desktop software causes millions of dollars of yearly economic loss [13]. On mobile platforms, the problem may be even more severe, since the digital right management of mobile apps is usually delegated to central- ized app publishers and significantly relies on the security of the underlying mobile operating systems. If these systems are cracked (known as “root” for Android and “jailbreak” for iOS), attackers can easily pirate a large number of mobile apps in a short period.

Man-in-the-middle attack

By tricking users into connecting mobile devices to untrusted wireless networks or installing SSL certificates from unknown sources, attackers can intercept and counterfeit the communication between apps and servers [31]. After analyzing how apps process the data exchanged with servers, attackers can potentially control app behavior by forging certain server responses.

Repackaging

It has been reported that some cybercrime groups are able to reverse engineer popular social networking apps and weaponize them for stealing sensitive user information [20]. By developing information-stealing modules and repackaging them into genuine apps, attackers managed to create malicious mobile software with seemingly benign appearances and functionality. Contacts, chat logs, web browsing histories, and voice recordings are common targets of theft

Fraud, spam, and malicious campaigns

Nowadays, many apps employ anomaly detection to identify suspicious client activities and prevent incidents like fraud, spam, and malicious campaigns. This is usually achieved through collecting necessary information about users and their devices and fitting the collected data into anomaly detection models. Since the data are harvested on device, attackers can reverse engineer the mobile apps and find out what kinds of data are being collected. In this way, they may be able to mimic normal user behavior by fabricating false data of the same kinds on rooted and jailbroken devices.