Positive Technologies has published the results of a study that examined the security of mobile applications for Android and iOS operating systems.
It is reported that most programs for smartphones and tablets contain certain vulnerabilities. Thus, three quarters (76%) of mobile applications contain "holes" and shortcomings associated with insecure data storage: passwords, financial information, personal information and personal correspondence of gadget owners can be in the hands of attackers.
Experts have found that 60% of vulnerabilities are concentrated in the client side of applications. At the same time, 89% of the "holes" can be exploited without physical access to the mobile device, and 56% - without administrator rights (jailbreak or root).
Android apps with critical vulnerabilities are slightly more common than iOS apps β 43% versus 38%. However, this difference is insignificant, experts say.
One in three Android mobile app vulnerabilities are due to configuration flaws.
Experts also emphasize that the risk of a cyber attack as a result of exploiting server-side vulnerabilities should not be underestimated. Mobile application servers are not much better protected than client parts. In 2018, each server part contained at least one vulnerability that allows for a variety of attacks on users, including phishing mailings on behalf of employees of the developer company.
More details about the results of the study can be found .
Source: 3dnews.ru