Tool prevents hackers from obtaining Android app source code
Posted on 02 October 2012.
RIIS announced HoseDex2Jar, a mobile security tool that can prevent Android decompilation by hackers on mobile devices.


Android runs applications in .dex format. Dex2Jar is the only tool available to convert Android APK's back into Java .jar files. This allows someone to decompile the .jar file using JD-GUI or JAD into readable source code. Once done, all proprietary source code and other sensitive information stored on backend databases are vulnerable.

RIIS knew if they could figure out a way to stop Dex2Jar from functioning, they could protect Android apps from being decompiled at all, thus protecting the apps from attackers. RIIS started investigating to see if Dex2Jar had any limitations they could expose. HoseDex2Jar was born.

"Developers can take steps such as using tools like ProGuard to obfuscate their code, but up until now, it has been impossible to prevent someone from decompiling an app," said Nolan.

"We realized if there was a way to stop Dex2Jar, we would stop all Android Decompilation. HoseDex2Jar does just that. It stops Dex2Jar by inserting harmless code in an Android APK that confuses and disables Dex2Jar and protects the code from decompilation. We're now able to go a step beyond obfuscation and prevent hackers from decompiling an APK into readable java code. This is huge for companies with Android apps available on Google Play."





Spotlight

Free security software identifies cloud vulnerabilities

Posted on 21 October 2104.  |  Designed for IT and security professionals, the service gives a view of the data exchanged with partner and cloud applications beyond the network firewall. Completely passive, it runs on non-production systems, and does not require firewall changes.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Oct 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //