Threat Category: Mobile Application Store
ID: ECO-14
Threat Description: Attackers bringing down official app stores may drive users to unofficial, 3rd party sources, opening their device up to malicious applications.
Threat Origin
Not Applicable, See Exploit or CVE Examples
Exploit Examples
Not Applicable
CVE Examples
Not Applicable
Possible Countermeasures
To prevent users from acquiring fraudulent versions of in-demand legitimate apps that are typically available from authorized app stores, prohibit side-loading or installing apps from unauthorized app stores
To ensure the availability of enterprise apps typically available from official app stores (e.g., Google Play), create a locally controlled repository of an application store such as F-Droid 1
References
Setup an FDroid App Repo, wiki entry, 3 May 2016, https://f-droid.org/wiki/page/Setup_an_FDroid_App_Repo [accessed 8/25/16] ↩