Zimperium
Reports
All Statistics
Around 19% of Android shopping apps expose at least one unprotected exported Service, potentially leading to data leakage.
Approximately 24% of analyzed Android shopping apps can retrieve Java classes or DEX files from remote locations.
Roughly 29% of reviewed iOS shopping apps access user data without declaring it in their App Store Privacy Overview.
During the 2024 shopping season, there was a 4x increase in mishing sites compared to monthly averages.
3 VPN apps still utilized a legacy version of the OpenSSL library.
25% of the VPN apps analyzed on iOS failed to include a valid privacy manifest at all.
On iOS, over 6% of VPN apps were found requesting private entitlements, which are typically restricted from third-party developers. This represented a total of 30 apps.
Approximately 1% of the analyzed VPN apps were found to be vulnerable to a Man-in-the-Middle (MitM) attack.
50% of mobile devices are running on outdated operating systems.
Nearly 60% of iOS apps are vulnerable to PII data leakage.
Over 60% of iOS apps lack basic code protection.
Up to 34% of Android apps lack basic code protection.
Over 25% of mobile devices cannot upgrade to the latest OS versions.
43% of Android apps are vulnerable to PII data leakage.
Smishing has rapidly grown to comprise over two-thirds of mobile phishing attacks. Specifically, SMS/text-based phishing (Smishing) is now 69.3% of all mishing attacks.
Smishing attacks grew by 22%.
70% of organizations support BYOD (Bring Your Own Device).
There was a 50% increase year-over-year in the use of Trojans in attacks.
Vishing (voice-call phishing) tactics grew by 28%.
43% of the top 100 apps use one or more cryptographic methods that do not follow best practices.
88% of all apps use one or more cryptographic methods that do not follow best practices.
103 of 9,078 analyzed Android apps were found to use unprotected or misconfigured cloud storage. 4 of these Android apps were in the top 1000 of the Play Store popularity list.
62% of all analysed apps use some kind of cloud API or SDK.
10 of 9,078 analyzed Android apps contained exposed credentials to AWS cloud services.
Rooted devices are more than 3.5 times more likely to be targeted by mobile malware.
System compromise incidents are 250 times higher on rooted devices compared to stock devices.
Events where Security-Enhanced Linux is disabled increase more than 90 times on rooted devices compared to stock devices.
Filesystem compromise events increase by a factor of 3000 on rooted devices compared to stock devices.
The exposure factor of rooted devices versus stock devices varies from 3x to ~3000x, which suggests that rooted devices are potentially much more vulnerable to threats than stock devices.
Compromised app detections surge by a factor of 12 on rooted devices compared to stock devices.
3% of phishing sites use device-specific redirection, showing benign content on desktops while targeting mobile devices with phishing payloads.
Quishing (QR code phishing) is emerging, with notable activity in Japan (17%), the U.S. (15%), and India (11%).
Smishing (SMS/text-based phishing) is the most common mobile phishing vector, accounting for 37% of attacks in India, 16% in the U.S., and 9% in Brazil.
Mishing activity peaked in August 2024, with over 1,000 daily attack records.