A marked surge in attacks on client-side apps could be due to the growing use of AI tools among cyber criminals, according to new research from Digital.ai.
More than eight-in-ten applications are under constant attack, marking a near 20% increase compared to last year, the study found.
Attack rates are rising fast across all industries, most significantly in telecoms, where more than nine-in-ten organizations were attacked, followed by financial services at 88%.
Notably, industries such as healthcare and automotive are now under significant threat, with 86% of automotive apps and 79% of healthcare-related applications under attack.
While Android apps have in the past been the main target, with 90% affected, the gap has narrowed. The number of iOS attacks has risen to 88%, thanks to jailbreaking and more sophisticated exploitation techniques.
Environment attacks, where apps run in compromised conditions such as rooted or jailbroken devices, affected 84% of Android apps and 80% of iOS apps.
"For enterprises, apps represent a gainful bridge to their consumers and employees, but for threat actors, these apps represent lucrative targets," said Derek Holt, CEO of Digital.ai.
"Today, we see more attackers expanding their focus to target not just flagship apps but secondary apps, plugins, add-ons and more".
Android’s open architecture raises questions
The study specifically highlighted the rise of ‘instrumentation attacks’, which involve dynamic code modification or hooking frameworks like Frida.
These were much more common on Android, researchers found, occurring at a rate of 82% compared with 44% on iOS.
A key factor here is because Android’s open architecture makes it more susceptible to runtime manipulation, whereas iOS has stronger built-in restrictions.
Integrity attacks, meanwhile, where app code is modified or repackaged, affected 52% of Android apps and 23.3% of iOS apps.
Again, Android’s app distribution model and third-party app stores make it easier for attackers to distribute modified apps, whereas iOS has tighter app store controls.
Attack surfaces are growing
Concerningly, the attack surface is growing, with Apple’s App Store and the Google Play store together offering nearly four million apps for downloads, with 137.8 billion downloads in 2024.
The rise of effective and freely-available AI tools has made it easier than ever for threat actors to easily reverse-engineer, analyze, and exploit many of these applications.
It’s also given rise to a burgeoning community of threat actors, many of whom are taking advantage of reverse-engineering tools such as Frida and Ghidra, sharing ideas, tips, and tricks.
RELATED WHITEPAPER
Meanwhile, AI tools are fueling a further rise in the rapid development of malware, while supporting threat actors in conducting source code analysis.
"As AI exponentially increases the capabilities of threat actors, businesses must dramatically increase their ability to protect and monitor all applications against reverse engineering, tampering, and man-in-the-middle attacks," said Holt.
"Delivering applications without these security protections is like leaving your front door unlocked and wide open."
MORE FROM ITPRO
-
How to implement a four-day week in techIn-depth More companies are switching to a four-day week as they look to balance employee well-being with productivity
-
Intelligence sharing: The boost for businessesIn-depth Intelligence sharing with peers is essential if critical sectors are to be protected
-
Okta and Palo Alto Networks are teaming up to ‘fight AI with AI’News The expanded partnership aims to help shore up identity security as attackers increasingly target user credentials
-
Despite the hype, cybersecurity teams are still taking a cautious approach to using AI toolsNews Research from ISC2 shows the appetite for AI tools in cybersecurity is growing, but professionals are taking a far more cautious approach than other industries.
-
Cyber professionals call for a 'strategic pause' on AI adoption as teams left scrambling to secure toolsNews Security professionals are scrambling to secure generative AI tools
-
AI security blunders have cyber professionals scramblingNews Growing AI security incidents have cyber teams fending off an array of threats
-
CISOs bet big on AI tools to reduce mounting cost pressuresNews AI automation is a top priority for CISOs, though data quality, privacy, and a lack of in-house expertise are common hurdles
-
The FBI says hackers are using AI voice clones to impersonate US government officialsNews The campaign uses AI voice generation to send messages pretending to be from high-ranking figures
-
Almost a third of workers are covertly using AI at work – here’s why that’s a terrible ideaNews Employers need to get wise to the use of unauthorized AI tools and tighten up policies
-
Foreign AI model launches may have improved trust in US AI developers, says Mandiant CTO – as he warns Chinese cyber attacks are at an “unprecedented level”News Concerns about enterprise AI deployments have faded due to greater understanding of the technology and negative examples in the international community, according to Mandiant CTO Charles Carmakal.
