Promon analyzed almost 400 of the world’s most-used Android finance apps and found they could successfully repackage 61% of them, including 58% of all banking apps.
Repackaging is a common attack in which an attacker downloads an app, opens it, injects code and then re-signs it so it runs just as the original app would. All they need at this point is a way to distribute the app. They can use this to, for example, inject malware code into a banking app, or change APIs to redirect and exfiltrate data.
70% of the top US finance apps were repackaged, while 65% of the top EU finance apps were vulnerable. The report also includes actions developers can take to help reduce the risk of a repackaging attack.
Download this comprehensive guide to learn more about App Repackaging.