We present details about our Appicaptor service and specific security findings based on corresponding app security research at the IT Security Expo it-sa 2017 (10 to 12 October 2017 in Nuremberg, Germany). Visit our booth in Hall 9 / 9-410 to get a live tour on how Appicaptor provides you with everything you need to make informed decisions in app approval processes and see insightful live demos of attacks on hybrid apps.
We demonstrate this attack by showing how trustworthy but flawed hybrid apps can be modified on the fly to generate wiretapping devices, just by injecting new functionality that unnoticeable records the smartphone’s ambient audio to an attacker’s cloud storage. According to our published analysis results that will be published for it-sa 2017, hybrid apps for iOS and Android are packed with flaws that allow attackers to do this by using malicious WiFi-hotpots or crafting special user input.
Make an appointment for a live demo and get a free voucher code for it-sa 2017.