Mobile Threat Landscape: What to expect in 2018

Posted by Clément Saad on January 12, 2018

Last year, we witnessed more mobile attacks and data breaches than ever before.

Ransomwares (like WannaCry, NotPetya…) have often made the headlines as their attacks increased by 300% in the first quarter of 2017 (Panda Lab), and globally, the volume of unknown malwares has quadrupled year-over-year (Mobile App Threat Review Q1 2017).


Mobile applications have been a target of choice for hackers to access and steal data, with 88% of mobile threats coming from them. Major apps (Twitter, Uber, Pizza Hut…) suffered data breaches which resulted in the leakage of millions of users’ private data, showing that the need of app security is still underrated.

The quickly evolving mobile landscape has pushed hackers to always renew their attack techniques. Threats became more numerous and sophisticated, making it harder for standard security solutions to detect and ward them off.

Here are some forecasts and advices for 2018.


Watch out for biometrics authentication

Biometric verification started to be commonly used a few years ago with finger-scanning. Last year was the advent of new authentication technologies such as iris recognition, facial recognition and voice identification. As usual, these innovations came with their share of privacy issues.

To recognize a user’s iris, a mobile device needs to have a picture of it saved on-device or on a distant server. When this file gets stolen, it allows anyone in its possession to bypass the iris authentication on any of the user’s devices.

Regarding vocal recognition, in order to respond to a vocal request, a mobile device needs to constantly listen to its sound environment. But when does the eavesdropping start, when does it stop and where do the recordings go?

Until now, researchers have found ways to bypass biometric authentications with simple techniques. As their security levels still need some improvements, we need to be cautious with these technologies.


An increase in Man-In-The-Middle attacks

As mobile devices have become the first point of access to the internet, many Wi-Fi networks have been created, opening a new playground for hackers. The growing amount of public networks and users who get connected to them, associated to the low levels of security of mobile devices is resulting in more and more Man-In-The-Middle attacks. In 2018, their number will keep growing.


Sensitive data theft on the rise

Hackers are motivated by valuable and easy to get data. In that perspective, health and banking mobile data represent a top target. Their value is unquestionable. But what about their safety? In some of our researches that included health and banking apps, we discovered that the average security levels of mobile apps are low.

Among the most widely-used attack techniques, the overlay is a common way to retrieve credentials and will represent in 2018 a serious threat to users’ critical information.


Data privacy violations and leakage, a rising threat for companies

In one of our research (MATR 2017), we stated that 60% of mobile apps leak users’ data. A few weeks ago, we published an app analysis that illustrates that figure. Dune!, a Google Play app downloaded by millions was found to leak users data and geolocation to 32 distant servers. This app does not feature any malware, nonetheless it considerably violates data privacy. The number of apps available on official stores leaking data that they are not supposed to manipulate in the first place is strongly increasing.

From now on, malwareless attacks will increasingly be favoured by attackers, as they remain invisible to traditional protection models and do not require the victim’s interaction.

If individuals were so far mainly targeted by attacks, we can expect a shift toward companies’ data in 2018.  

As a result, corporate and BYOD devices only protected against basic malwares are no longer safe. This new trend calls for more precise solutions that accurately detect mobile threats and act accordingly.


Topics: Mobile Security, Expertise