the guise of a patch or a crack, or surreptitiously (re)installing it on an unsuspecting
user’s device.
• A rogue application performing a drive-by attack (for example, via the run-time
method known as swizzling, or function/API hooking) to compromise the target
application (in order to lift credentials, expose personal and/or corporate data,
redirect traffic, etc.)
Reverse Engineering or Code Analysis – This is the second category of exploitable binary
vulnerabilities, whereby application binaries can be analyzed statically and dynamically.
Using intelligence gathered from code analysis tools and activities, the binaries can be
reverse-engineered and valuable code (including source code), sensitive data, or proprietary
IP can be lifted out of the application and re-used or re-packaged. Reverse engineering or
code analysis threat scenarios can include:
• A hacker analyzing or reverse-engineering the binary, and identifying or exposing
sensitive information (keys, credentials, data) or vulnerabilities/flaws for broader
exploitation
• A hacker lifting or exposing proprietary intellectual property out of the application
binary to develop counterfeit applications
• A hacker reusing and “copy-catting” an application, and submitting it to an app store
under his/her own branding (as a nearly identical copy of the legitimate application)
A summary of Binary Exploits is provided in the graphic.
6 Cyber Warnings E-Magazine – July 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide