M5: Insecure Communication

Mobile devices operate on untrusted networks—public Wi-Fi, carrier infrastructure, and captive portals. Insecure communication flaws expose data in transit or enable man-in-the-middle attacks that tamper with app traffic. Attackers leverage protocol downgrades, forged certificates, or compromised network gear to eavesdrop on sensitive payloads.

Typical Weakness Patterns

• Missing TLS or accepting any certificate, including self-signed or expired credentials.
• Weak cipher suites, disabled certificate revocation checks, or failure to validate hostname and certificate pinning.
• Transmitting sensitive data via insecure channels like HTTP, SMS, or push notifications without encryption.
• Not protecting secondary channels (analytics, crash reporting, feature flag updates) with the same rigor as primary APIs.

Detection Cues

• Network interception with tools such as mitmproxy or Burp Suite to observe whether the app blocks forged certificates.
• Automated scanning of app binaries for the usage of insecure network libraries or disabled TLS validation flags.
• Runtime instrumentation to verify that all endpoints enforce HTTPS and modern TLS configurations.

Mitigation

• Enforce TLS 1.2+ by default, validate full certificate chains, and enable certificate pinning with a secure update strategy.
• Protect every auxiliary service (analytics, push, OTA updates) with strong transport encryption and mutual authentication where possible.
• Use end-to-end encryption for highly sensitive data, layering application-level crypto on top of TLS.
• Monitor for network anomalies, certificate transparency violations, and unexpected endpoint changes.