Resiliency / Application Checks Rooted Device

Tags: Android, iOS, Mobile App

Description

Application checks rooted device is a mobile application weakness: the application does not verify whether the device it runs on has been rooted, so an attacker who roots the device gains full access to it and to the data the application stores. This vulnerability is classified as CWE-716: Create a User with Unrestricted Privileges. According to the OWASP Testing Guide, it can occur on Android, on iOS, and in mobile applications generally. By exploiting it, an attacker can read confidential or sensitive data stored on the device and use it for malicious purposes.

Risk

The impact of this vulnerability is high: an attacker who gains access to the device can use it for malicious purposes, read confidential or sensitive data stored on it, and use the device to launch further attacks. It is also possible for the attacker to obtain root access, the highest level of privilege on the device.

Solution

The best way to mitigate this vulnerability is to ensure that the application authenticates its users before granting access, by adding a layer of authentication such as a PIN, password, or biometric check. The application should also detect at runtime whether the device is rooted and restrict sensitive functionality when it is, as the example below shows. Additionally, regular patching reduces the risk, as it ensures the device is running the latest security updates.

Example

The following example code shows how a mobile application can check if the device is rooted.

// Refuse to continue on a rooted device. isDeviceRooted() is the
// application's own detection helper (for example, checking for an su
// binary or a test-keys build); its result is a risk signal, not proof.
if (isDeviceRooted()) {
    throw new SecurityException("Device is rooted!");
}
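One way to implement the isDeviceRooted() helper the snippet above calls, added here as an example and not code from the original page: the class and method names (RootDetection, hasTestKeys, hasSuBinary, suOnPath) and the list of su paths are assumptions, and every check is a heuristic, so the result should be reported and used to restrict sensitive features rather than treated as a tamper-proof boundary.

```java
import android.os.Build;
import java.io.File;

// Added example, not the page's own code: heuristic root detection for Android.
// Every check here is a signal, not proof, and all helper names are assumed.
public final class RootDetection {

    // Well-known locations of the su binary on rooted devices (assumed list).
    private static final String[] SU_PATHS = {
        "/system/bin/su", "/system/xbin/su", "/sbin/su", "/su/bin/su",
        "/data/local/xbin/su", "/data/local/bin/su", "/data/local/su"
    };

    // Signal 1: firmware signed with test keys (custom ROM or engineering build).
    static boolean hasTestKeys(String buildTags) {
        return buildTags != null && buildTags.contains("test-keys");
    }

    // Signal 2: an su binary is present at one of the listed paths.
    static boolean hasSuBinary(String[] candidatePaths) {
        for (String path : candidatePaths) {
            if (new File(path).exists()) {
                return true;
            }
        }
        return false;
    }

    // Signal 3: "which su" succeeds, catching an su binary on PATH that we did not list.
    static boolean suOnPath() {
        Process p = null;
        try {
            p = new ProcessBuilder("which", "su").start();
            return p.waitFor() == 0;
        } catch (Exception e) {
            return false; // 'which' missing or not executable: no evidence either way
        } finally {
            if (p != null) p.destroy();
        }
    }

    // Combine the signals. A true result should be reported to the backend and
    // drive policy (refuse to cache credentials, disable sensitive features),
    // not be relied on as a tamper-proof boundary.
    public static boolean isDeviceRooted() {
        return hasTestKeys(Build.TAGS) || hasSuBinary(SU_PATHS) || suOnPath();
    }
}
```

Run the check off the main thread, since suOnPath() spawns a process, and log which signal fired so the backend can tell a test-keys build from a device with su installed.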

Related incidents

  1. In 2017, an Android application called CamScanner was found to contain malicious code that would root the device it was installed on.
  2. In 2018, a malicious iOS application was found to be able to root any iOS device it was installed on.
  3. In 2019, a malicious mobile application was found to be able to root any Android device it was installed on.
  4. In 2019, a malicious application was found to be able to root any Android device it was installed on and then steal data from it.
  5. In 2020, a malicious application was found to be able to root any Android device it was installed on and then launch distributed denial-of-service (DDoS) attacks.
