Hook detection

The application can be analysed or modified even though its source code has not been changed, applying a technique known as hooking. This technique can be used to intercept system or application calls and then modify them. An attacker can exploit this by inserting new (often malicious) code or by altering existing one to obtain personal client data. The most well-known hooking frameworks are Frida, Xposed, or Cydia Substrate.

Below are code snippets demonstrating hook detection across various platforms:

// Android hook check
override fun onHookDetected() {
    TODO("Not yet implemented")
}

// iOS hook detection
case runtimeManipulation

// Flutter hook and runtime manipulation detection
onHooks: () => print("Hooks")

// Cordova hook and runtime manipulation detection
hooks: () => {
    // Place your reaction here
}

// React Native hook and runtime manipulation detection
hooks: () => {
    // Place your reaction here
}

// Capacitor hook and runtime manipulation detection
hooks: () => {
    // Place your reaction here
}

Recommended action: Notify users that their device or app is insecure and log the event on your BE. In some cases, it is recommended to even kill the application.

PreviousEmulator detection NextApp tampering detection

Last updated 2 months ago