Mobile Threat Catalogue

Redirect Genuine URL to Malicious Application


Threat Category: Mobile Application Store

ID: ECO-11

Threat Description: This could occur when an adversary changes the links within the app store pointing to where legitimate apps are stored to fake or malicious versions of the apps.

Threat Origin

Not Applicable, See Exploit or CVE Examples

Exploit Examples

Not Applicable

CVE Examples

Not Applicable

Possible Countermeasures


To decrease the time to detection of malicious apps, use app threat intelligence data to identify malicious apps.

Use app-vetting tools or services to determine if apps acquired from even official or authorized app stores appear free of malicious or vulnerable behaviors of apps prior to authorizing their use.

Use features such as Apple iOS Managed Apps, Android for Work, or Samsung KNOX Workspace that provide additional separation between personal apps and enterprise apps to mitigate the impact of malicious behaviors.