Just over 60% of financial services apps available on the Google Play Store are susceptible to application repackaging, or cloning, attacks.
Promon's research covered 384 financial services apps, spanning banking, crypto, trading, payment, government services and other financial services. It found that 236 of these apps were vulnerable. Of these, 154 were banking apps.
Application repackaging allows bad actors to take an existing piece of software, such as a mobile application, and inject their own code on top of the existing source code. This allows them to modify the app’s function and ‘repackage’ it.
As a result, the app can perform additional background tasks outside of the intended functions, such as credential stuffing, where a user’s login information is stolen.
The report also assessed the most downloaded financial services apps. Of these 92 apps, 50% could be successfully modified and repackaged.
Promon also tested the most popular apps within certain regions. Among the most popular apps in the US, 37 of the 54 apps tested (68.5%) could be repackaged.
As for the UK, it tested 74 and found 45 vulnerable, while in India 69 apps were tested and 47 were susceptible.
The CyberTech company said that all susceptible apps shared commonalities. Every app lacked components to detect whether repackaging has occurred. This omission means not only that they are vulnerable, but also that there is no way to recognise whether an attack has taken place.
Benjamin Adolphi, software engineer at Promon responsible for the research, said, “For years now, Android users have been by far the biggest victims of banking malware. The ease of access provided by Android’s SDK has benefited developers but sadly has not gone unnoticed by many cyber criminals.
“The susceptibility of APK files to tampering should be of great concern to the billions of users within the Android ecosystem who simply want to manage their finances from their mobile.”
In other CyberTech news, a report from the US Treasury found that US financial institutions experienced nearly $1.2bn in costs associated with ransomware attacks in 2021.