A marked surge in attacks on client-side apps could be due to the growing use of AI tools among cyber criminals, according to new research from Digital.ai.
More than eight-in-ten applications are under constant attack, marking a near 20% increase compared to last year, the study found.
Attack rates are rising fast across all industries, most significantly in telecoms, where more than nine-in-ten organizations were attacked, followed by financial services at 88%.
Notably, industries such as healthcare and automotive are now under significant threat, with 86% of automotive apps and 79% of healthcare-related applications under attack.
While Android apps have in the past been the main target, with 90% affected, the gap has narrowed. The number of iOS attacks has risen to 88%, thanks to jailbreaking and more sophisticated exploitation techniques.
Environment attacks, where apps run in compromised conditions such as rooted or jailbroken devices, affected 84% of Android apps and 80% of iOS apps.
"For enterprises, apps represent a gainful bridge to their consumers and employees, but for threat actors, these apps represent lucrative targets," said Derek Holt, CEO of Digital.ai.
"Today, we see more attackers expanding their focus to target not just flagship apps but secondary apps, plugins, add-ons and more".
Android’s open architecture raises questions
The study specifically highlighted the rise of ‘instrumentation attacks’, which involve dynamic code modification or hooking frameworks like Frida.
These were much more common on Android, researchers found, occurring at a rate of 82% compared with 44% on iOS.
A key factor here is because Android’s open architecture makes it more susceptible to runtime manipulation, whereas iOS has stronger built-in restrictions.
Integrity attacks, meanwhile, where app code is modified or repackaged, affected 52% of Android apps and 23.3% of iOS apps.
Again, Android’s app distribution model and third-party app stores make it easier for attackers to distribute modified apps, whereas iOS has tighter app store controls.
Attack surfaces are growing
Concerningly, the attack surface is growing, with Apple’s App Store and the Google Play store together offering nearly four million apps for downloads, with 137.8 billion downloads in 2024.
The rise of effective and freely-available AI tools has made it easier than ever for threat actors to easily reverse-engineer, analyze, and exploit many of these applications.
It’s also given rise to a burgeoning community of threat actors, many of whom are taking advantage of reverse-engineering tools such as Frida and Ghidra, sharing ideas, tips, and tricks.
RELATED WHITEPAPER
Meanwhile, AI tools are fueling a further rise in the rapid development of malware, while supporting threat actors in conducting source code analysis.
"As AI exponentially increases the capabilities of threat actors, businesses must dramatically increase their ability to protect and monitor all applications against reverse engineering, tampering, and man-in-the-middle attacks," said Holt.
"Delivering applications without these security protections is like leaving your front door unlocked and wide open."
MORE FROM ITPRO
-
Gender diversity improvements could be the key to tackling the UK's AI skills shortageNews Encouraging more women to pursue tech careers could plug huge gaps in the AI workforce
-
Researchers claim Salt Typhoon masterminds learned their trade at Cisco Network AcademyNews The Salt Typhoon hacker group has targeted telecoms operators and US National Guard networks in recent years
-
Trend Micro issues warning over rise of 'vibe crime' as cyber criminals turn to agentic AI to automate attacksNews Trend Micro is warning of a boom in 'vibe crime' - the use of agentic AI to support fully-automated cyber criminal operations and accelerate attacks.
-
NCSC issues urgent warning over growing AI prompt injection risks – here’s what you need to knowNews Many organizations see prompt injection as just another version of SQL injection - but this is a mistake
-
AWS CISO Amy Herzog thinks AI agents will be a ‘boon’ for cyber professionals — and teams at Amazon are already seeing huge gainsNews AWS CISO Amy Herzog thinks AI agents will be a ‘boon’ for cyber professionals, and the company has already unlocked significant benefits from the technology internally.
-
HPE selects CrowdStrike to safeguard high-performance AI workloadsNews The security vendor joins HPE’s Unleash AI partner program, bringing Falcon security capabilities to HPE Private Cloud AI
-
Microsoft opens up Entra Agent ID preview with new AI featuresNews Microsoft Entra Agent ID aims to help manage influx of AI agents using existing tools
-
GitHub is awash with leaked AI company secrets – API keys, tokens, and credentials were all found out in the openNews Wiz research suggests AI leaders need to clean up their act when it comes to secrets leaking
-
Generative AI attacks are accelerating at an alarming rateNews Two new reports from Gartner highlight the new AI-related pressures companies face, and the tools they are using to counter them
-
Hackers are using AI to dissect threat intelligence reports and ‘vibe code’ malwareNews TrendMicro has called for caution on how much detail is disclosed in security advisories
