UNPKG

react-native-malwarelytics

Version:

Malwarelytics for React Native protects your banking or fintech app from a broad range of mobile security threats with an industry-leading mobile threat intelligence solution.

www.wultra.com/malwarelytics

wultra/react-native-malwarelytics

173 lines (144 loc) 7.29 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
# RASP module RASP (runtime application self-protection) features to protect the app against several attack vectors. The Malwarelytics for React Native provides the `MalwarelyticsRasp` class that implements all RASP-related functionality in one place. The object allows you to register your listener that can listen to RASP events, or you can access the various information directly. ## Listen to RASP events To listen to the RASP events, you have to register a listener that implements the `MalwarelyticsRaspListener` interface. For example: ```typescript await Malwarelytics.sharedInstance.rasp.setRaspListener({ debuggerDetected: function (detected: boolean): void { console.log(`Debugger is ${detected ? 'connected' : 'disconnected'}`); }, repackagingDetected: function (info: RepackagingInfo): void { console.log(`Repackage detected: ${JSON.stringify(info)}`); }, systemIntegrityCompromised: function (info: SystemIntegrityInfo): void { if (info.isJailbroken) { console.log(`Device is jailbroken`); } else if (info.isRooted) { console.log(`Device is rooted`); } }, httpProxyDetected: function (info: HttpProxyInfo): void { console.log(`HTTP proxy is ${info.isHttpProxyEnabled ? 'active' : 'inactive'}`); }, screenSharingDetected: function (info: ScreenSharingInfo): void { console.log(`Screen sharing detected: ${JSON.stringify(info)}`); }, emulatorDetected: function (info: EmulatorInfo): void { // Reported only on Android console.log(`App is running in emulator. Type is ${info.detectedEmulatorType}`); }, screenReaderDetected(info: ScreenReaderInfo): void { // Reported only on Android console.log(`Screen reader detected: ${JSON.stringify(info)}`) }, tapjackingDetected: function (info: TapjackingInfo): void { // Android specific console.log(`Tapjacking detected: ${JSON.stringify(info)}`); }, adbStatusDetected: function (adbStatus: boolean): void { // Android specific console.log(`ADB is ${adbStatus ? 'connected' : 'disconnected'}`); }, activeCallDetected: function (info: ActiveCallInfo): void { // Android specific console.log(`Active call info: ${JSON.stringify(info)}`); }, appPresenceChangeDetected: function (info: AppPresenceInfo): void { console.log(`App presence info: ${JSON.stringify(info)}`); }, vpnDetected: function (active: boolean): void { console.log(`VPN is ${active ? 'active' : 'inactive'}`); }, userScreenshotDetected: function (): void { // Apple specific console.log(`Screenshot detected`); }, reverseEngineeringToolsDetected: function (): void { // Apple specific console.log(`Reverse Engineering tools detected`); }, systemPasscodeConfigurationChanged: function (enabled: boolean): void { // Apple specific console.log(`System passcode is ${enabled ? 'set' : 'not set'}`); }, systemBiometryConfigurationChanged: function (enabled: boolean): void { // Apple specific console.log(`Biometry is ${enabled ? 'enrolled' : 'not enrolled'}`); }, isOnCallChanged: function (isOnCall: boolean): void { // Apple specific console.log(`Phone call is ${isOnCall ? 'active' : 'not active'}`); } }); ``` To remove the previously set listener, use the following code: ```typescript Malwarelytics.sharedInstance.rasp.removeRaspListener(); ``` ## Get current RASP signals The following code example shows how to get the current information about RASP threats: ```typescript const rasp = Malwarelytics.sharedInstance.rasp // Common signals const systemIntegrity = await rasp.getSystemIntegrityInfo(); console.log(`Is jailbroken = ${systemIntegrity.isJailbroken}`); console.log(`Is rooted = ${systemIntegrity.isRooted}`); if (systemIntegrity.isJailbroken || systemIntegrity.isRooted) { console.log(`System integrity info = ${JSON.stringify(systemIntegrity)}`); } const isEmulator = await rasp.isRunningInEmulator() console.log(`Running in emulator = ${isEmulator}`); if (isEmulator) { console.log(`Emulator type = ${(await rasp.getEmulatorInfo()).detectedEmulatorType}`); } console.log(`Is debugger conencted = ${await rasp.isDebuggerConnected()}`); console.log(`Rpackaging info = ${await rasp.getRepackagingInfo()}`); const httpProxy = await rasp.getHttpProxyInfo(); console.log(`Is HTTP proxy = ${httpProxy.isHttpProxyEnabled}`); if (httpProxy.isHttpProxyEnabled) { console.log(`HTTP proxy info = ${JSON.stringify(httpProxy)}`); } const screenSharing = await rasp.getScreenSharingInfo(); console.log(`Is Screen shared or captured = ${screenSharing.isScreenShared}`); if (screenSharing.isScreenShared) { console.log(`Screen sharing info: ${JSON.stringify(screenSharing)}`); } console.log(`Is VPN active = ${await rasp.isVpnActive()}`); console.log(`Phone call = ${await rasp.isOnCall()}`); console.log(`App presence info = ${JSON.stringify(await rasp.getAppPresenceInfo())}`); // Apple specific if (Platform.OS == 'ios') { console.log(`Reverse engineering tools present = ${await rasp.isReverseEngineeringToolsPresent()}`); console.log(`System passcode is set = ${await rasp.isSystemPasscodeEnabled()}`); console.log(`Biometry is enrolled = ${await rasp.isSystemBiometryEnabled()}`); } // Android specific if (Platform.OS == 'android') { console.log(`Tapjacking info = ${JSON.stringify(await rasp.getTapjackingInfo())}`); console.log(`ADB is ${(await rasp.getAdbStatus()) ? 'connected' : 'not connected'}`); console.log(`Screen lock is enabled = ${await rasp.isScreenLockEnabled()}`); console.log(`Play protect enabled = ${await rasp.isPlayProtectEnabled()}`); console.log(`Not allowed screen reader is enabled = ${await rasp.isNotAllowedScreenReaderEnabled()}`); console.log(`Bad Tapjacking capable app is present = ${await rasp.isBadTapjackingCapableAppPresent()}`); console.log(`Developer options enabled = ${await rasp.isDeveloperOptionsEnabled()}`); console.log(`Active call info = ${JSON.stringify(await rasp.getActiveCallInfo())}`); } ``` ## Activity protection on Android By default, Malwarelytics for React-Native, when initialized on Android, automatically protects the current application's activity and any subsequent activities against various threats, including tapjacking. However, if your application created any `Activity` objects before initializing the Malwarelytics module, you will need to register them manually for protection. For example: ```java import com.wultra.android.malwarelytics.reactnative.MalwarelyticsNativeHelper; public class AnotherActivity extends ReactActivity { @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); MalwarelyticsNativeHelper.getInstance().registerActivityForProtection(this); } } ``` <!-- begin box info --> You can read more about activity protection in [Android Native Library's](https://github.com/wultra/antivirus/blob/develop/docs/Activity-Protection.md) documentation. <!-- end --> ## Read Next - [Antivirus Module](Usage-AV.md) - [Demo Application](Demo-App.md)