search cancel

Appthority Recommended TIs for Custom Policies

book

Article ID: 173299

calendar_today

Updated On:

Products

Endpoint Protection Mobile

Issue/Introduction

Appthority Customer Success works with our Enterprise customers to determine their custom policy needs. Based on our experiences with multiple large enterprise customers, we recommend the following TI's be part of your own custom policies. They are grouped in order of risk priority. 

Resolution

High-Risk, Malicious TIs for Custom Policies

(8-10 Risk Scores)

Infected by XcodeGhost Infected by Femas
Uses mobiSage SDK with Backdoor Infected by Exaspy
Infected by AceDeceiver MilkyDoor
Uses YouMi SDK Gooligan
Uses Monkeysocks SDK Malware Application
Uses Luminati SDK Spyware Behavior
Infected by Chrysaor Commercial Spyware Behavior
Infected by DroidJack Appthority MTT Blacklist
Infected by DressCode  

 

Data Leakage TIs for Custom Policies

(6-7 Risk Scores)

Sends Credentials Unencrypted
Sends Address Book Unencrypted
Sends Calendar Unencrypted
Records Audio
Uses Camera

 

Vulnerability TIs for Custom Policies

(4-5 Risk Scores)

Uses JSPatch for Hot Patching
Uses Rollout.IO for Hot Patching
Stores Credentials Unencrypted
Downloads Zip File Unencrypted

 

Suspicious TIs for Custom Policies

(1-3 Risk Scores)

Detects Virus Total Emulator
Download External APK File
Contains URL with Sensitive Data
Can Hardcode URL Credentials