Some 92 percent of the top 100 paid iOS apps and all of the top 100 paid Android apps have been hacked, according to a report released by app security company Arxan Technologies.
The company said that apps are subject to “many diverse types of hacks and tampering attacks”, including disabled or circumvented security, unlocked or modified features, free pirated copies, ad-removed versions, source code/IP theft, and malware-infested versions.
It also noted that free apps are not immune to attack, with 40 percent of the top free iOS apps and 80 percent of free Android apps also involved.
Arxan also said that hacking is pervasive across all categories, including business, productivity, financial services, social networking, communication and healthcare.
Developers were advised to “make mobile app protection a strategic priority”, and to be “especially diligent” when dealing with apps that deal with transactions, payments, sensitive date, or include high-value intellectual property.
It also noted that developers should “not assume that web app security strategies are adequate to address the new requirements for mobile app protection”.
In order to address this it was suggested that there is a focus on protecting the integrity of mobile apps against tampering/reverse engineering attacks, in addition to the traditional approach to avoiding vulnerabilities.
It was also suggested that protection is built directly into an app, including making apps “tamper-proof and self-defending”.
Jukka Alanen, VP at Arxan, said: "We envision a thriving App Economy with freedom and confidence to innovate and distribute new apps. However, this potential is being threatened by hackers, and most enterprises, security teams, and app developers are not prepared for these attacks."
Comments