Endpoint/Device Security, Endpoint/Device Security

Nearly a third of known, zero-days discovered in 2021 targeted mobile devices

A visitor photographs a display at the 2019 IFA home electronics and appliances trade fair on Sept. 6, 2019, in Berlin. (Photo by Sean Gallup/Getty Images)
Threat actors are increasingly targeting mobile devices, a new study by Zimperium found. Pictured: A visitor photographs a display at the 2019 IFA home electronics and appliances trade fair on Sept. 6, 2019, in Berlin. (Photo by Sean Gallup/Getty Images)

Research released by Zimperium on Tuesday found that 30% of the known, zero-day vulnerabilities discovered in 2021 targeted mobile devices.

The researchers also found that in 2021 there was a 466% increase in exploited, zero-day vulnerabilities used in active attacks against mobile endpoints. In addition, some 75% of the phishing sites analyzed specifically targeted mobile devices.

In other findings:

  • 42% of organizations report that vulnerabilities in mobile devices and web applications have led to a security incident.
  • Based on Zimperium’s analysis of more than 1.3 million Android and iOS apps, 14% of the apps using public cloud back-ends had misconfigurations that exposed users’ personal information.
  • Prominent malware discovered in previous years made a mobile-focused comeback in 2021. For example, Pegasus, the spyware program first detected in 2016, surfaced again in 2021. Attackers targeted more than 50,000 individuals, including journalists, activists, and political leaders.

Security teams must look at security trends on mobile in the context of protecting data in the cloud, said Hank Schless, senior manager, security solutions at Lookout. Schless said securing the mobile device is an important first step, but to fully secure an organization and its data, security teams need to use mobile risk as one of the many signals that feed security policies for accessing data in cloud, on-premises, and private apps. 

“This report needs to do a better job of helping people understand how much of a risk mobile phishing is,” Schless said. “It's the No. 1 attack vector that threat actors use to compromise credentials and discretely enter the infrastructure to access sensitive data and execute advanced attacks like ransomware.”

Bud Broomhead, CEO at Viakoo, said mobile devices have become the center of our lives, which has let threat actors bridge from mobile phones into virtually any other part of a person’s life. 

“Cybercriminals possess more detailed information than ever on individuals, which impacts both business and consumers,” Broomhead said. “Most enterprises support some form of BYOD [bring your own device], which brings a consumer-level hack into the realm of an enterprise being compromised. Ensuring that employees are not using personal passwords in their work environment can help to reduce the possibility of compromise, however, the blurred lines between work life and home life are making it easier for cybercriminals to perform exploits aimed at enterprise systems and data.”

Related

US, Australia apprehend Firebird RAT developer

The FBI and Australian Federal Police have partnered to arrest and indict an unnamed Australian who developed Firebird/Hive remote access trojan and California-based Edmond Chakhmakchyan, also known as Corruption, who allegedly marketed the RAT, according to BleepingComputer.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.