Source Code Is Not Obfuscated

Obfuscation is the process of making something obscure or unclear. When releasing a mobile app, it is necessary to make the source code unintelligible. Developers may leave the source code as it is because they are unaware of the consequences. An attacker may exploit such an application, and the implications could be damaging. Below is an illustration of how an attacker may use an application’s source code for malicious purposes.

If a mobile application is released without source code obfuscation, an attacker can obtain the APK file and decode it. Once it is decoded, the underlying logic and functionality are clear to the attacker. The attacker may then build a similar application from the code, with one change: it sends users’ private information to the attacker’s server. This information would be used for fraudulent activities, such as stealing money from a user’s bank account.

The solution is to obfuscate the code, which makes it unintelligible. An attacker cannot understand the application logic and functionality even after accessing the code. That prevents the attacker from using the code to rob a user in any way.
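
A release check for the requirement above, as an added example that is not code from the original page: given the class names listed from a release APK, it estimates whether they were renamed and reports app classes that stayed readable. The package com.example.bank, the sample class lists, the short-name pattern and the 0.5 threshold are assumptions made for illustration.

```python
import re

# Short, meaningless identifiers such as "a", "b1" or "aB" are what a renaming
# obfuscator typically emits; descriptive names like "LoginManager" are not.
# The three-character limit is an assumed heuristic, not a standard.
SHORT_NAME = re.compile(r"^[A-Za-z][A-Za-z0-9]{0,2}$")

def simple_name(fqcn):
    """Return the outer class name without package or inner-class suffix."""
    return fqcn.rsplit(".", 1)[-1].split("$", 1)[0]

def obfuscation_report(class_names, app_package, min_ratio=0.5):
    """Summarise how much of a release build's class list looks renamed.

    class_names: fully qualified class names listed from the release APK.
    app_package: the app's own package prefix (hypothetical in the samples).
    min_ratio:   assumed threshold below which the build is treated as
                 released without obfuscation.
    """
    names = sorted(set(class_names))
    if not names:
        raise ValueError("empty class list")
    renamed = {n for n in names if SHORT_NAME.match(simple_name(n))}
    # Readable classes still under the app's package kept their names, so
    # their logic is as easy to follow as in an un-obfuscated build.
    readable_app = [n for n in names
                    if n.startswith(app_package + ".") and n not in renamed]
    ratio = len(renamed) / len(names)
    return {"ratio": round(ratio, 2), "obfuscated": ratio >= min_ratio,
            "readable_app_classes": readable_app}

# Constructed sample class lists, not taken from any real application.
PLAIN_BUILD = [
    "com.example.bank.LoginActivity",
    "com.example.bank.auth.TokenStore",
    "com.example.bank.auth.TokenStore$Entry",
    "com.example.bank.net.TransferClient",
    "com.example.bank.util.Crypto",
]
OBFUSCATED_BUILD = [
    "com.example.bank.LoginActivity",  # kept by name in this sample
    "a.a", "a.b", "a.b$a", "b.c", "b.d1",
]

if __name__ == "__main__":
    for label, classes in (("plain", PLAIN_BUILD), ("obfuscated", OBFUSCATED_BUILD)):
        print(label, obfuscation_report(classes, "com.example.bank"))
```

Run as a gate before publishing a build: a low ratio means the release was built without renaming, and any class listed under readable_app_classes should be reviewed for logic that remains exposed.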

