How to Protect Android Apps Against FjordPhantom
Learn to Detect FjordPhantom in Android apps in mobile CI/CD with a Data-Driven DevSecOps™ build system.
What is FjordPhantom?
FjordPhantom is a malicious malware designed to target banking apps by leveraging a combination of virtualization techniques, dynamic code injection, and a variety of Java and POSIX API hooking techniques. Spread primarily through email, SMS, and messaging apps, it combines app-based malware with social engineering to defraud banking customers.
Victims are prompted to download an app that resembles their bank’s legitimate app. In reality, the downloaded app encapsulates the original bank’s Android app and runs it in a virtual environment with additional components that help with bypassing traditional safeguards thus allowing attacks on the app. The malware enables the attacker to monitor the user’s actions, and either guide the user to perform a transaction or utilize the process to steal credentials. The attacker then uses these credentials to launch additional attacks.
How Does Appdome Protect Against FjordPhantom?
Taking all the above into consideration, Appdome ensures that your Android app remains protected against FjordPhantom using the following protection methods:
- Anti Virtualization
- Detect Hooking Frameworks
- Prevent Code Injection
To learn more about how to activate these security protections in your mobile apps, please refer to the related articles section of this knowledge base article.
Related Articles:
- How to Prevent Code Injection & Process Injection in Mobile Apps
- Detect Hooking Frameworks
- How to Prevent Virtualization to Protect Android Apps
If you have any questions, please send them our way at support.appdome.com or via the chat window on the Appdome platform.
Thank you!
Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project.
