Science and Technology

Hackers can get into 76% of mobile apps

76% of mobile apps have flaws allowing hackers to steal passwords, money, and texts


on June 19, 2019

Android apps have more critical vulnerabilities than iOS apps do, according to a Positive Technologies report.

High-risk vulnerabilities are common across both Android and iOS mobile apps, with Android devices slightly more at risk than their iOS counterparts (43% vs. 38%), according to Positive Technologies’ Vulnerabilities and threats in mobile applications report, released Wednesday.

Insecure data storage is the most common vulnerability found in mobile apps across both platforms, the report found, as 76% of all apps contain this flaw. In some cases, insecure data storage can allow hackers to steal passwords, financial information, personal data, and correspondence, according to the report.

SEE: Mobile device security: Tips for IT pros (free PDF)(TechRepublic)

Some 89% of the vulnerabilities found could be exploited by malware. While the risk of infection increases on jailbroken devices, attackers rarely need physical access to a victim’s phone, the report found. Instead, once on the victim’s device, the malware can ask for permission to access user data, and if that permission is granted, the malware can send data directly to the attackers.

“In 2018, mobile apps were downloaded onto user devices over 205 billion times. Developers pay painstaking attention to software design in order to give us a smooth and convenient experience and people gladly install mobile apps and provide personal information,” Leigh-Anne Galloway, cyber security resilience lead at Positive Technologies, said in a press release. “However, an alarming number of apps are critically insecure, and far less developer attention is spent on solving that issue. Stealing data from a smartphone usually doesn’t even require physical access to the device.”

To protect devices and data, users should closely examine when apps request access to phone functions or data, and decline any requests to access unnecessary data, Galloway said. Users should also not open unknown links sent in texts or through chat apps, and not download apps from third-party app stores, she added.

For more, check out 10 dangerous app vulnerabilities to watch out for on TechRepublic.


 157 Total Page Views,  1 Views Today

Related Articles

Leave a Reply

Back to top button