Welcome to Guardsquare's Malware Security Research Center

    Malware poses significant risks for mobile users, mobile service developers, and third parties. Preventing malware from causing harm is a shared responsibility of mobile operating system manufacturers, application developers, security vendors, and end users.

    This malware security center aims to inform and guide all stakeholders in this shared responsibility model, first and foremost mobile application developers, so that they can implement timely and relevant measures against malware. All protection techniques and code are freely available in this research center. Selected techniques are also included in DexGuard.

    Malware can target mobile applications

    The main focus of this knowledge base is to collect and share information about how malware can attack mobile applications. In practice, an attack on an application falls into one of two categories:

    • Spying on user data
    • Spoofing user input

    More specifically,

    ---
    title: Malware attacks
    ---
    graph TD
        fraud[Malware Attacks]
        fraud --> steal[Spy on user data]
        fraud --> spoof[Spoof user input]
        steal --> steal_screen[Screen]
        steal --> steal_clipboard[Clipboard]
        steal --> steal_sms[SMS]
        spoof --> spoof_screen[Screen]
        steal_screen --> a11y[Malicious accessibility service]
        steal_screen --> steal_keyboard[Malicious keyboard]
        steal_screen --> screen_rec[Screen recording]
        steal_screen --> activity_injection[Activity injections]
        steal_screen --> view_injection[View injections aka Overlays]
        spoof_screen --> a11y
        click a11y href "/mobile-app-security-research-center/malware/accessibility-service-malware"
        click screen_rec href "/mobile-app-security-research-center/malware/screen-capture-attacks" "Screen recording attacks"
        click activity_injection href "/mobile-app-security-research-center/malware/overlay-attacks" "Overlay injection attacks"
        click view_injection href "/mobile-app-security-research-center/malware/overlay-attacks" "Overlay injection attacks"
        click steal_clipboard href "/mobile-app-security-research-center/malware/clipboard-hijacking" "Clipboard attacks"
        click steal_sms href "/mobile-app-security-research-center/malware/sms-attacks" "SMS attacks"
        click steal_disk href "/mobile-app-security-research-center/malware/sms-attacks" "Task hijacking"
        click steal_keyboard href "/mobile-app-security-research-center/malware/keyboard-attacks" "Malicious keyboard attacks"

    Malware behavior patterns

    To deploy these attacks effectively and efficiently, malware exhibits certain behavior patterns when it comes to:

    • Getting an initial foothold
    • Obtaining necessary privileges
    • Getting updates

    Task                      Behavioral pattern
    Initial malware install   Dropper applications
    Initial malware install   Phishing links
    Getting updates           Command and control
    Obtaining privileges      Nagging
