Protecting Your API from App Impersonation: Token Hijacking Guide and Mitigation of JWT Theft

[talsec-app]

Did you know about the significant security risks of JWT token stealing and impersonation attacks facilitated by malicious cloned apps? We prepared a hands-on video and article to discover more about those. 🕵️‍♂️

Article
https://medium.com/@talsec/protecting-your-api-from-app-impersonation-token-hijacking-guide-and-mitigation-of-jwt-theft-48e744b76327?source=friends_link&sk=38fdebc202b9ef5e84ab48c5cd103f23

Video
https://youtu.be/RiGrlEHkjqs

Let us know your thoughts!

Yours,
Talsec Team

[examplestack]

//queries-package android:name="com.huawei.hwid"-queries//
in android any application used your tool/software can interact with huawei services or aplication.
Specifies the set of other apps that an app intends to interact with. These other apps are specified by package name
does it not going to compromise the data which your talsec going to collect.

[talsec-app]

Hi @examplestack,

freeRASP indeed declares queries attribute in the manifest file. In the freeRASP, we check if Huawei Mobile Services are available on the device. We don't want to depend on Huawei packages/dependencies, so we implemented this check ourselves. And because of the recent Android package visibility updates, we need to query this package name.

The query attribute itself shouldn't compromise our checks or logs. It's there just so we are able to access the Huawei Core components if available.

Best regards,
Ondrej, Talsec dev