Our friends at Arxan, a company that specializes in mobile payment security and application protection, have shared a list of videos on how applications are hacked.
The first step in defending against mobile application attacks is to see just how easy it is for a hacker to tamper with an application’s code. The “How to Hack an App” video series includes a handful of short clips (1-2 minutes long), each demonstrating how to perform an attack with the use of readily available tools.
iTunes Code Encryption Bypass
- See how easily hackers can bypass iOS encryption to advance a mobile app attack. (Watch Video)
Android APK Reverse Engineering
- Watch how hackers can easily reverse engineer binary code (the executable) back to source code — which is primed for code tampering. (Watch Video)
Algorithm Decompilation and Analysis
- See how “Hopper” is leveraged to initiate a static, springboard attack for counterfeiting and stealing information. (Watch Video)
Baksmali Code Modification
- Learn how hackers can easily crack open and disassemble mobile code with Baksmali. (Watch Video)
Reverse Engineering String Analysis
- Watch how hackers use strings analysis as a core element for reverse engineering. (Watch Video)
Swizzle with Code Substitution
- Learn how hackers leverage infected code to attack an application's critical class methods, intercepting API calls and executing unauthorized code while leaving no trace, because the code reverts to its original form. (Watch Video)
Understanding application internal structures and methods via Class Dumps
- Learn how hackers use this widely available tool to analyze the behavior of an app as a form of reverse engineering and as a springboard to method swizzling. (Watch Video)