An adversary could download a legitimate app, disassemble it, add malicious code, and then reassemble the app. The app would appear to be the original app but contain additional malicious functionality. The adversary could then publish this app to app stores or use another delivery technique.
|User Guidance||Users should be encouraged to only install apps from authorized app stores, which are less likely to contain malicious repackaged apps.|
|X-Agent for Android|
An EMM/MDM or mobile threat protection solution can identify the presence of unwanted, known insecure, or malicious apps on devices.