App squatting

Fake apps repackage an app and are relatively easy discovered as the identifiers (app name or package name) are changed. In “App Squatting”, attackers release apps with identifiers that are confusingly similar to those of popular apps or well-known Internet brands.

Related labs

• Android malware analysis (Pithus and jadx)

Resources

• Yangyu Hu, Mobile App Squatting, 2020, IW3C2

• PiRogue tool suite: Beginner guide - How to handle a potentially malicious mobile app