Threat Category: Mobile Application Store
ID: ECO-10
Threat Description: Malicious applications are placed into an application repository and made available for download, or malicious applications are sideloaded onto mobile devices.
Threat Origin
Not Applicable, See Exploit or CVE Examples
Exploit Examples
Not Applicable
CVE Examples
Not Applicable
Possible Countermeasures
To decrease the probability that unvetted apps are malicious, prohibit users from sideloading apps or downloading apps from unofficial and unauthorized app stores
Use app threat intelligence data to identify malicious applications unknowingly distributed through official or unofficial application stores.
Use features such as Apple iOS Managed Apps, Android for Work, or Samsung KNOX Workspace that provide some level of separation between personal apps and enterprise apps to mitigate the impact of malicious behaviors.
Use app-vetting tools or services to determine if enterprise applications appear free of malicious behaviors before authorizing their installation.
Host vetted apps within a locally controlled repository of an application store, such as F-Droid 1
References
Setup an FDroid App Repo, wiki entry, 3 May 2016, https://f-droid.org/wiki/page/Setup_an_FDroid_App_Repo [accessed 8/25/16] ↩