Test ability to evade automated mobile application security analysis performed by app stores
Many mobile devices are configured to allow applications to be installed only from the mainstream vendor app stores (e.g., Apple App Store and Google Play Store). An adversary can submit to these stores multiple code samples deliberately designed to probe the stores' security analysis capabilities, with the goal of determining effective techniques for placing malicious applications in the stores that could then be delivered to targeted devices.[1][2][3][4]
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: An adversary can submit code remotely using throwaway accounts, although a registration fee may need to be paid for each new account (e.g., $99 for Apple and $25 for Google Play Store).
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: The app store operators (e.g., Apple and Google) may detect the attempts, but the attempts would not be observable to those being attacked.