SECURITY ANALYSIS TESTING ON INDONESIAN GOVERNMET ANDROID APPLICATION USING REPACKAGING ATTACK

The increasing adoption of digital technology by the Indonesian government has encouraged the development of a number of Android applications to make services easier for the public. However, at the same time, Android applications currently being developed have a very high vulnerability to reverse engineering, where this vulnerability can be easily exploited using a technique called a repackaging attack. Since Android was created in 2008, the threat of repackaging attacks continues to haunt Android users, including users of Indonesian government applications. Apart from that, the security integrity of the Indonesian government's Android application cannot be known for certain, especially the security threats related to repackaging attacks. This is likely because research that comprehensively evaluates the level of resistance of Indonesian government Android applications to repackaging attacks is still limited. This research develops the Metasploit payload injection technique as a repackaging method that can be used to evaluate the level of resilience of Indonesian government applications. From the results of testing 200 applications, it was found that 191 Indonesian government Android applications could still be easily exploited using repackaging attack techniques. In other words, Indonesian government applications have high potential to be used as a medium for spreading malware. This research also offers strategic recommendations for improving the integrity and security of Indonesian government applications against repackaging attacks, with the hope of protecting user data and privacy and increasing public trust in government digital applications and services.

Keyword: Repackaging Attack, Android Apps, Reverse Engineering, Android Security, Malware