Typically, an attacker seeks to understand extraneous functionality within a mobile app in order to discover hidden functionality in in backend systems. The attacker will typically exploit extraneous functionality directly from their own systems without any involvement by end-users. An attacker will download and examine the mobile app within their…

An attacker will typically download the targeted app from an app store and analyze it within their own local environment using a suite of different tools. An attacker must perform an analysis of the final core binary to determine its original string table, source code, libraries, algorithms, and resources embedded…

Typically, an attacker will exploit code modification via malicious forms of the apps hosted in third-party app stores. The attacker may also trick the user into installing the app via phishing attacks. Typically, an attacker will do the following things to exploit this category: Make direct binary changes to the…

Threat Agents include entities that can pass untrusted inputs to method calls made within mobile code. These types of issues are not necessarily security issues in and of themselves but lead to security vulnerabilities. For example, buffer overflows within older versions of Safari (a poor code quality vulnerability) led to…