diff --git a/_application-threats/APP-44.md b/_application-threats/APP-44.md new file mode 100644 index 0000000..cbd4103 --- /dev/null +++ b/_application-threats/APP-44.md @@ -0,0 +1,22 @@ +--- +layout: threat +ThreatCategory: Malicious or privacy-invasive application +ID: APP-44 +Threat: Hiding Application Icon +ThreatDescription: Malware may hide its icon after installation, making detection by the user more difficult. +ThreatOrigin: Self-Hiding Behavior in Android Apps: Detection and Characterization [^310] +ExploitExample: + - Android Trojan steals money from PayPal accounts even with 2FA on [^311] + - Is Mobile Malware Playing Hide and Steal on Your Device? [^312] +CVEExample: + - Not Applicable +PossibleCountermeasures: + Enterprise: + - Deploy MAM or MDM solutions with policies that prohibit the sideloading of apps, which may bypass security checks on the app. + - Deploy MAM or MDM solutions with policies that prohibit the installation of apps from 3rd party (unofficial) app stores. + - Perform application vetting to identify inappropriate behaviors by apps including permission requests made by the apps + Mobile Device User: + - Consider the use of devices that support Android 10.0 and later, in which getActivityList() was modified to limit the ability for apps to hide their launcher icons. +title: APP-44 +rawID: 44 +--- diff --git a/_includes/references.md b/_includes/references.md index 1fbafac..9ecd871 100644 --- a/_includes/references.md +++ b/_includes/references.md 
@@ -558,3 +558,13 @@ [^307]: Security Research Labs, _New SIM attacks de-mystified, protection tools now available_, blog; https://srlabs.de/bites/sim_attacks_demystified/ [accessed 12/03/2019] [^308]: Wikipedia, _Side-channel attack_; https://en.wikipedia.org/wiki/Side-channel_attack [accessed 12/09/2019] + + + + + +[^311] Z.Shan et al., _Self-Hiding Behavior in Android Apps: Detection and Characterization_; presented at International Conference on Software Engineering, 2018, https://ieeexplore.ieee.org/document/8453145 [accessed 8/1/2022] + +[^312] L. Stefanko, _Android Trojan steals money from PayPal accounts even with 2FA on_; welivesecurity, blog, 11 Dec 2018, https://www.welivesecurity.com/2018/12/11/android-trojan-steals-money-paypal-accounts-2fa/ [accessed 8/1/2022] + +[^313] McAfee, _Is Mobile Malware Playing Hide and Steal on Your Device?_; McAfee, blog, https://www.mcafee.com/blogs/mobile-security/mobile-threat-report-q1-2020/ [accessed 8/1/2022]
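Review bot: The footnote numbers cited in the new `_application-threats/APP-44.md` front matter are off by one against the definitions this patch adds to `_includes/references.md`. `ThreatOrigin` cites `[^310]` for the Self-Hiding Behavior paper, but the patch defines that paper as `[^311]`. The two `ExploitExample` entries cite `[^311]` and `[^312]`, but the PayPal trojan article is defined as `[^312]` and the McAfee post as `[^313]`. As written, the PayPal entry resolves to the paper, the McAfee entry resolves to the PayPal article, and `[^310]` has no definition in the visible lines. Either cite 311, 312 and 313 here or renumber the definitions to 310, 311 and 312. Two smaller points in the same file: the third Enterprise countermeasure ("Perform application vetting ...") is missing the closing period its siblings have, and the Mobile Device User item would be easier to act on if `getActivityList()` were qualified with its class.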
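Review bot: The three definitions added at the end of the `_includes/references.md` hunk omit the colon after the label (`[^311] Z.Shan et al., ...`), whereas the existing entries in the context lines use `[^307]:` and `[^308]:`. Without the colon these lines will likely render as plain text rather than footnote definitions, so the citations in APP-44 will not link. Please write them as `[^311]:`, `[^312]:` and `[^313]:`, once the numbers are reconciled with the ones APP-44.md cites. The hunk also adds five consecutive blank lines before the first new entry. If they are placeholders for 309 and 310, fill them or drop them. Minor consistency points: "Z.Shan" needs a space after the initial, and the McAfee entry has no publication date while the Stefanko entry does.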