Mobile Threat Catalogue

Application Store Infrastructure Attack


Threat Category: Mobile Application Store

ID: ECO-14

Threat Description: Attackers bringing down official app stores may drive users to unofficial, 3rd party sources, opening their device up to malicious applications.

Threat Origin

Not Applicable, See Exploit or CVE Examples

Exploit Examples

Not Applicable

CVE Examples

Not Applicable

Possible Countermeasures


To prevent users from acquiring fraudulent versions of in-demand legitimate apps that are typically available from authorized app stores, prohibit side-loading or installing apps from unauthorized app stores

To ensure the availability of enterprise apps typically available from official app stores (e.g., Google Play), create a locally controlled repository of an application store such as F-Droid 1


  1. Setup an FDroid App Repo, wiki entry, 3 May 2016, [accessed 8/25/16]