UNPKG

react-native-malwarelytics

Version:

Malwarelytics for React Native protects your banking or fintech app from a broad range of mobile security threats with an industry-leading mobile threat intelligence solution.

www.wultra.com/malwarelytics

wultra/react-native-malwarelytics

119 lines 4.44 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
/** * An APK with analyzed threats. */ export interface ApkThreat { /** * Package name (application Id) of the app posing a threat to the current app. */ readonly packageName: string; /** * Threat index of the apk. Result of the correct combination of evaluated and suggested threat indexes. */ readonly threatIndex: ThreatIndex; /** * Evaluated threat index indicating severity of the threat. */ readonly evaluatedThreatIndex: ThreatIndex; /** * Suggested threat index. If the value is `UNKNOWN` then there's no suggestion. */ readonly suggestedThreatIndex: ThreatIndex; /** * Optional name of malware detection. This is not bound to the thratIndex, can appear independently. */ readonly malwareDetectionName?: string; /** * Set of recommended mitigations for handling the threat. */ readonly mitigations: ThreatMitigation[]; /** * Evaluated threat reasons marking what is dangerous about the app. */ readonly reasons: ThreatReason[]; /** * Store the app was installed from (for example google play). */ readonly threatInstaller: ThreatInstaller; /** * Set of malware flags - malware types and malware families. */ readonly flags: MalwareFlag[]; } /** * A threat level that is posed by an app. * * MALWARE: * The found threats clearly indicate that the app is a malware. * * HIGHLY_DANGEROUS: * The found threats indicate that the app is highly dangerous * to the current app. * It uses multiple potential attack vectors * including techniques directly targeting the current app. * * DANGEROUS: * The found threats indicate that the app is dangerous * to the current app. * Is uses multiple potential attack vectors. * However, no technique directly targeting the current app was detected. * * POTENTIALLY_UNWANTED_APP: * The found threats indicate that the app might be potentially dangerous. * For example it declares potentially dangerous permissions. * However it it quite possible that the app is legitimate. * * SAFE: * There are no found threats. * * UNKNOWN: * The threat is unknown. * The app was probably not found. * In case of suggestions, there's none. */ export type ThreatIndex = "MALWARE" | "HIGHLY_DANGEROUS" | "DANGEROUS" | "POTENTIALLY_UNWANTED_APP" | "SAFE" | "UNKNOWN"; /** * Convert `ThreatIndex` type into number for the evaluation. The higher numeric value means a higher danger. * @param threatIndex `ThreatIndex` to convert. * @returns Number representing how dangerous the application is. */ export declare function threatIndexToNumber(threatIndex: ThreatIndex): number; /** * Installer app of an apk. * * STORE_GOOGLE_PLAY: The app was installed via Google Play * STORE_HUAWEI_APP_GALLERY: The app was installed via Huawei App Gallery * STORE_SAMSUNG_GALAXY_STORE: The app was installed via Samsung Galaxy Store * STORE_APTOIDE: The app was installed via Aptoide */ export type ThreatInstaller = "STORE_GOOGLE_PLAY" | "STORE_HUAWEI_APP_GALLERY" | "STORE_SAMSUNG_GALAXY_STORE" | "STORE_APTOIDE"; export type ThreatMitigation = "WARNING_SCREEN" | "NOTIFICATION" | "SHOW_WEB" | "KILL_APP" | "KILL_APP_SHOW_WEB"; /** * Evaluated flag for an apk threat. * The flag risk the other app is posing. * * ACCESSIBILITY: Accesibility * SMS_ACCESS: Read sms, receive sms, notification listener * SCREEN_OVERRIDE: Task hijacking, screen overlay * INSTALLER: Can install apps * UNINSTALLER: Can uninstall apps * EVADER: Hides it's internals/function * OUTSIDE_GOOGLE_PLAY: Not installed via Google Play * CALLER: Can play with your calls, e.g. it can setup a call forwarding of your calls * PRELOADED_APP: The app is preloaded on the device * PRIVILEGED_APP: The app is privileged (system privileges) * DEVELOPMENT_OR_TEST: The app is debuggable * */ export type ThreatReason = "ACCESSIBILITY" | "SMS_ACCESS" | "SCREEN_OVERRIDE" | "INSTALLER" | "UNINSTALLER" | "EVADER" | "OUTSIDE_GOOGLE_PLAY" | "CALLER" | "PRELOADED_APP" | "PRIVILEGED_APP" | "DEVELOPMENT_OR_TEST"; /** Flag designating malware info. */ export interface MalwareFlag { readonly name: string; readonly type: MalwareFlagType; } /** Type of MalwareFlag. */ export declare enum MalwareFlagType { UNKNOWN = "UNKNOWN", MALWARE_FAMILY = "MALWARE_FAMILY", MALWARE_TYPE = "MALWARE_TYPE" } //# sourceMappingURL=ApkThreat.d.ts.map