76% of mobile apps have flaws allowing hackers to steal passwords, money, and texts

By Alison DeNisco Rayome

on June 19, 2019

Android apps have more critical vulnerabilities than iOS apps do, according to a Positive Technologies report.

High-risk vulnerabilities are common across both Android and iOS mobile apps, with Android devices slightly more at risk than their iOS counterparts (43% vs. 38%), according to Positive Technologies’ Vulnerabilities and threats in mobile applications report, released Wednesday.

Insecure data storage is the most common vulnerability found in mobile apps across both platforms, the report found, as 76% of all apps contain this flaw. In some cases, insecure data storage can allow hackers to steal passwords, financial information, personal data, and correspondence, according to the report.

SEE: Mobile device security: Tips for IT pros (free PDF)(TechRepublic)

Some 89% of the vulnerabilities found could be exploited by malware. While the risk of infection increases on jailbroken devices, attackers rarely need physical access to a victim’s phone, the report found. Instead, once on the victim’s device, the malware can ask for permission to access user data, and if that permission is granted, the malware can send data directly to the attackers.

To protect devices and data, users should closely examine when apps request access to phone functions or data, and decline any requests to access unnecessary data, Galloway said. Users should also not open unknown links sent in texts or through chat apps, and not download apps from third-party app stores, she added.

For more, check out 10 dangerous app vulnerabilities to watch out for on TechRepublic.

Source: https://tek.io/2XmQlJM