App Threat Report: The State of Repackaging

Q4 2022

Introducing our first App Threat Report, a quarterly analysis of different topics in mobile application security produced by Promon’s Research team.

Securing today’s mobile applications requires protecting not only the app code while at rest, but also the entire app process when in runtime. As attacks have grown more sophisticated, so too have the tools and techniques to mitigate and protect against these attacks.

Our Q4 report specifically explores repackaging, a code alteration or injection attack primarily directed at Android apps, in particular banking and finance apps. In the report, you will find a short primer on repackaging, followed by a review of the hundreds of financial services apps across various sectors, install bases and regions to assess the overall level of security against this common attack.

Highlights from the report

We tested the top 384 apps across 8 countries/regions: Australia, Brazil, the EU, India, Japan, Norway, the UK and the US. The report also includes the Top 100 finance apps in the Global app store, as well as a report benchmark.

61%

of the apps tested were successfully repackaged, across all categories: banking, payment, crypto, trading, financial services and government services

75%

Trading apps generally had the weakest protection – 75% were successfully repackaged

58%

Banking apps came out as the winner, all though more than half of these were also successfully repackaged