Stolen Source Code of Android Anti-Piracy Software, Dexguard Leaked Online [Update: Not Leaked]
- Dexguard is known for its ability to protect Android software from cloning, piracy and tampering attacks.
- The stolen source code of the software was posted online on GitHub after it was stolen from a customer.
- A DMCA takedown request was filed, and the repository has been taken down.
Dexguard by Guardsquare is a popular solution that safeguards Android apps from tampering, cloning, and piracy. The source code of the app was stolen from one of the app’s customers and posted online under the name ‘HackedTeam’ on GitHub.
A DMCA takedown notice was filed against, and the GitHub repository has been taken down. However, the code is already being republished on other websites after the Microsoft-owned website took it down. Over 300 instances of the repository were found online, and it is difficult for the developers to take the code off the internet permanently.
Unless the original poster can provide evidence of ownership of the code, the Dexguard repository will not be restored on GitHub. Despite the DMCA takedown, the original poster who published the code has not been banned. The ‘HackedTeam’ GitHub account contains code that dates back several years and includes instances of Android spyware.
The app’s developer Guardsquare is known for its premium software designed to protect applications from reverse engineering attacks and hacking. Dexguard is just one of many software Guardsquare offers. The developers cater to a large number of industries including e-commerce, financial institutions, and services, public sector, gaming, media, and telecommunication.
Dexguard is specifically designed to safeguard Android applications from being misused by attackers. Code obfuscation is a common method used by attackers to hide malicious code in legitimate apps and distributed through third-party sources.
Guardsquare revealed in a statement that the Dexguard repository was illegally obtained and was not authorized by the company. The company revealed “The listed folder contains an older version of our commercial obfuscation software (DexGuard) for Android applications. The folder is part of a larger code base that was stolen from one of our former customers”.
Update: Guardsquare CTO, Eric responded to TechNadu, "The hacked repository of a former customer contained an outdated standard copy of the compiled DexGuard product, not the source code. It's obviously an important difference. A copy of a commercial software product on the internet is not a great thing, but not terribly unusual either in this day and age." Thanks to Eric's clarification, its official that the product source code was not leaked so it's still secure to use.
What do you think about the data theft of Dexguard? Let us know in the comments below. Also, to get instant tech updates, follow TechNadu’s Facebook page, and Twitter handle.