AppSealing is defining the hacking categories in three levels. Critical, Medium, Low.
Critical hacking attempts indicate the malicious behavior created by professional hackers. If you don`t manage them strictly, they can successfully attack AppSealing and your app someday.
Medium hacking attempts indicate the malicious behaviour that can created by non-professional hackers, but with clear intent to attack.
Low hacking attempts indicate the possibly malicious behaviors or observations that can created by cheaters and even not-intentional cheaters.
Critical (Professional Hacker Level):
-
Code Hooking:
- Intercepting and altering the behavior of functions within an application poses a serious risk to data integrity and security.
-
Disabling Security:
- Malicious attempts to disable security features, exposing vulnerabilities and compromising the overall system integrity.
-
Source Code Modification:
- Unauthorized changes to the source code, can introduce vulnerabilities or create backdoors within the application.
-
Repackaged Application:
- Creating unauthorized versions of the application, often for malicious distribution, emphasizes the need for code signing and tamper detection mechanisms.
- Debugging:
- The act of debugging can expose sensitive information and vulnerabilities within the application's code.
Medium(Important, but not Professional Level):
-
Rooted Device:
- Running an application on a rooted device potentially leads to security risks and data exposure.
-
Speed Modification:
- Modifying the speed of an application is particularly relevant in gaming contexts, where fairness and integrity are essential.
-
App Cloning Environment:
- Creating clones or duplicates of the application can pose security and intellectual property risks.
Low (User-Level):
-
Cheat Tool:
- Tools used to exploit vulnerabilities in the application, often impact fair usage, especially in gaming environments. AppSealing is scanning cheat tools from the installed app list. However, there is a variety of cheat tools, so we will categorize them again with more detailed segments.
-
Emulator:
- Software emulators are used for testing but can be exploited, emphasizing the importance of emulator detection mechanisms.
-
USB Debugging:
- Enabling USB debugging can expose the application to potential security threats.