ISSN: 2182-2069 (printed) / ISSN: 2182-2077 (online)
Multiple Device Login Attacks and Countermeasures of Mobile VoIP Apps on Android
Because Android apps are structurally easy to decompile, attackers may, using reverse engineering, modify the source code or inject some code of his choice. If a mobile messenger app were to be attacked in the same nature, the attacker can bypass the authentication mechanism applied on the app to not only view past conversations and Time line records of a particular user but to also receive and view real time conversations. In addition, there are widespread attacks on the apps’ weak points depending on the app such as wiretapping VoIP and other voice messages or illegally use of pay items. Therefore, in this paper, we analyze the security weak points of app A and app B, two representative Android message apps, and propose effective solutions.