A marked surge in attacks on client-side apps could be due to the growing use of AI tools among cyber criminals, according to new research from Digital.ai.
More than eight-in-ten applications are under constant attack, marking a near 20% increase compared to last year, the study found.
Attack rates are rising fast across all industries, most significantly in telecoms, where more than nine-in-ten organizations were attacked, followed by financial services at 88%.
Notably, industries such as healthcare and automotive are now under significant threat, with 86% of automotive apps and 79% of healthcare-related applications under attack.
While Android apps have in the past been the main target, with 90% affected, the gap has narrowed. The number of iOS attacks has risen to 88%, thanks to jailbreaking and more sophisticated exploitation techniques.
Environment attacks, where apps run in compromised conditions such as rooted or jailbroken devices, affected 84% of Android apps and 80% of iOS apps.
"For enterprises, apps represent a gainful bridge to their consumers and employees, but for threat actors, these apps represent lucrative targets," said Derek Holt, CEO of Digital.ai.
"Today, we see more attackers expanding their focus to target not just flagship apps but secondary apps, plugins, add-ons and more".
Android’s open architecture raises questions
The study specifically highlighted the rise of ‘instrumentation attacks’, which involve dynamic code modification or hooking frameworks like Frida.
These were much more common on Android, researchers found, occurring at a rate of 82% compared with 44% on iOS.
A key factor here is because Android’s open architecture makes it more susceptible to runtime manipulation, whereas iOS has stronger built-in restrictions.
Integrity attacks, meanwhile, where app code is modified or repackaged, affected 52% of Android apps and 23.3% of iOS apps.
Again, Android’s app distribution model and third-party app stores make it easier for attackers to distribute modified apps, whereas iOS has tighter app store controls.
Attack surfaces are growing
Concerningly, the attack surface is growing, with Apple’s App Store and the Google Play store together offering nearly four million apps for downloads, with 137.8 billion downloads in 2024.
The rise of effective and freely-available AI tools has made it easier than ever for threat actors to easily reverse-engineer, analyze, and exploit many of these applications.
It’s also given rise to a burgeoning community of threat actors, many of whom are taking advantage of reverse-engineering tools such as Frida and Ghidra, sharing ideas, tips, and tricks.
RELATED WHITEPAPER
Meanwhile, AI tools are fueling a further rise in the rapid development of malware, while supporting threat actors in conducting source code analysis.
"As AI exponentially increases the capabilities of threat actors, businesses must dramatically increase their ability to protect and monitor all applications against reverse engineering, tampering, and man-in-the-middle attacks," said Holt.
"Delivering applications without these security protections is like leaving your front door unlocked and wide open."
MORE FROM ITPRO
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Foreign AI model launches may have improved trust in US AI developers, says Mandiant CTO – as he warns Chinese cyber attacks are at an “unprecedented level”News Concerns about enterprise AI deployments have faded due to greater understanding of the technology and negative examples in the international community, according to Mandiant CTO Charles Carmakal.
-
Security experts issue warning over the rise of 'gray bot' AI web scrapersNews While not malicious, the bots can overwhelm web applications in a way similar to bad actors
-
Law enforcement needs to fight fire with fire on AI threatsNews UK law enforcement agencies have been urged to employ a more proactive approach to AI-related cyber crime as threats posed by the technology accelerate.
-
OpenAI announces five-fold increase in bug bounty rewardNews OpenAI has announced a slew of new cybersecurity initiatives, including a 500% increase to the maximum award for its bug bounty program.
-
Multichannel attacks are becoming a serious threat for enterprises – and AI is fueling the surgeNews Organizations are seeing a steep rise in multichannel attacks fueled in part by an uptick in AI cyber crime, new research from SoSafe has found.
-
12,000 API keys and passwords were found in a popular AI training dataset – experts say the issue is down to poor identity managementAnalysis The discovery of almost 12,000 secrets in the archive of a popular AI training dataset is the result of the industry’s inability to keep up with the complexities of machine-machine authentication.
-
Microsoft is increasing payouts for its Copilot bug bounty programNews Microsoft has expanded the bug bounty program for its Copilot lineup, boosting payouts and adding coverage of WhatsApp and Telegram tools.
-
Tech leaders worry AI innovation is outpacing governanceNews Business execs have warned the current rate of AI innovation is outpacing governance practices.
