The FireEye, Inc. researchers conducted an in-depth analysis on the mobile apps’ vulnerabilities by assessing seven million ‘iOS and Android Apps’. The study revealed that the Android malware continues to grow pervasively while the iOS devices are increasingly being at risk (Milpitas). An analysis of popular apps that have 50,000 and above downloads revealed that 31% were prone to vulnerabilities with 18% of them being categorized as sensitive data such as financial, shopping, communication, health, medical, and productivity. There are Android apps that have been designed to steal data and they have increased to a tune of 500%, making mobile apps to represent significant threats for firms.
There is a new channel through which iOS malware is delivered making it capable of bypassing a review done by the Apple App Store. The enterprise provisioning is used by attackers to convey malicious applications to the end users over the air or through the USB connections. According to the findings on writing platform and the FireEye, Inc. researchers, over 1,400 of the studied iOS apps present on the internet introduced security issues variants, which were signed and distributed through the enterprise or ad-hoc provisioning profiles (Milpitas).
In a nut-shell, the overall results of the FireEye, Inc.’s study established that mobile users are exposed to various fronts of risks, including legitimate apps which have been written insecurely by developers, malicious apps that steal users’ information once installed, identity theft, legitimate apps aggressive and/or insecure ad libraries, premium rate SMS and phone fraud, and malware and adware that bypass the Google Play checks, making users assume that they are safe.