Guardsquare Mobile Application Security Research Center

Mobile Malware | Guardsquare's Malware Security Research Center

Written by Guardsquare | Feb 29, 2024 1:16:53 AM

Malware poses significant risks for mobile users, mobile service developers, and third parties. Preventing malware from causing harm is a shared responsibility of mobile operating system manufacturers, application developers, security vendors, and end users.

This malware security center aims to inform and guide all stakeholders in this shared responsibility model, and first and foremost to help mobile application developers implement timely and relevant measures against malware.

Malware can target mobile applications

The main focus of this knowledge base is to collect and share information about how malware can attack mobile applications. In practice, an attack on an application falls into one of two categories:

  • Spying on user data
  • Spoofing user input

More specifically,

---
title: Malware attacks
---
graph TD
    fraud[Malware Attacks]
    fraud --> steal[Spy on user data]
    fraud --> spoof[Spoof user input]
    steal --> steal_screen[Screen]
    steal --> steal_clipboard[Clipboard]
    steal --> steal_sms[SMS]
    spoof --> spoof_screen[Screen]
    steal_screen --> a11y[Malicious accessibility service]
    steal_screen --> steal_keyboard[Malicious keyboard]
    steal_screen --> screen_rec[Screen recording]
    steal_screen --> activity_injection[Activity injections]
    steal_screen --> view_injection[View injections aka Overlays]
    spoof_screen --> a11y
    click a11y href "/mobile-app-security-research-center/malware/accessibility-service-malware"
    click screen_rec href "/mobile-app-security-research-center/malware/screen-capture-attacks" "Screen recording attacks"
    click activity_injection href "/mobile-app-security-research-center/malware/overlay-attacks" "Overlay injection attacks"
    click view_injection href "/mobile-app-security-research-center/malware/overlay-attacks" "Overlay injection attacks"
    click steal_clipboard href "/mobile-app-security-research-center/malware/clipboard-hijacking" "Clipboard attacks"
    click steal_sms href "/mobile-app-security-research-center/malware/sms-attacks" "SMS attacks"
    click steal_disk href "/mobile-app-security-research-center/malware/sms-attacks" "Task hijacking"
    click steal_keyboard href "/mobile-app-security-research-center/malware/keyboard-attacks" "Malicious keyboard attacks"

Malware behavior patterns

To deploy these attacks effectively and efficiently, malware exhibits certain behavior patterns when it comes to:

  • Distributing malware
  • Getting the initial footprint
  • Getting updates
  • Obtaining necessary privileges

Task                     Behavioral pattern
Initial malware install  Dropper applications
Initial malware install  Phishing links
Getting updates          Command and control
Obtaining privileges     Nagging
