Mobile Threat Team Finds Increasing iOS Risk while Google Tries to Shore Up Android Security
SAN FRANCISCO—May 4, 2016—Appthority, the leader in enterprise mobile app risk management, today released its Q2 2016 Enterprise Mobile Threat Report with mobile app risk research from the Appthority Enterprise Mobile Threat Team (EMTT). The report provides analysis of the state of security in the Apple App Store with details on the latest breaches as well as an expert review of an updated enterprise security toolset from Google, Android for Work.
In the Q2 2016 Enterprise Mobile Threat Report, the company gives a detailed view of the latest iOS breaches: JSPatch and AceDeceiver. The JSPatch open source platform is being used by cyber criminals as a backdoor to modify apps, exposing an enterprise to data leakage and privacy issues. AceDeceiver, a Trojan app which phishes for users’ Apple username and password was removed from the App Store after two months but remains as a Dead App on employee devices where it increases enterprise risks of data leakage.
“Six security vulnerabilities have surfaced in the Apple App Store in the last seven months, meaning enterprises can no longer blindly trust Apple’s vetting process for apps and need to take additional steps to ensure they are not at risk,” said Robbie Forkish, vice president of engineering at Appthority. “Even as hundreds of infected apps are removed from the App Store, enterprises need an easy, quick way to identify and remediate infected apps, as well as other ‘Dead Apps’ in their enterprise environments.”
The report also reviews Google’s new enterprise toolset Android for Work. The EMTT found that while Android for Work takes steps to improve the security posture of Android in the enterprise, there continue to be challenges for Android. Most notably, the fact that most Android devices are running un-patched, outdated versions of the OS, means security risks remain high.
“Android for Work is a great step in the right direction by Google,” said Domingo Guerra, co-founder and president of Appthority, “but enterprises will need to go further. With only 4.6 percent of Android devices running Marshmallow six months post launch, security patches to known vulnerabilities are not making their way to the enterprise quickly enough. And, to quickly and securely identify and populate Work Profiles with enterprise safe apps, IT and Security Administrators will still need an app risk management solution.“
Key findings from the Q2 2016 Appthority Enterprise Mobile Threat Report:
- Apps infected with security vulnerabilities are still being allowed into the official Apple App Store – More than 960 apps infected with JSPatch were found on enterprise customer devices and the official iTunes App Store. JSPatch increases enterprise data and privacy risk because it creates a backdoor for bad actors to make app changes that enterprises are not aware of and which are never re-vetted by Apple.
- The AceDeceiver Trojan app shows that phishing and ‘Dead Apps’ are still real enterprise security concerns – The AceDeceiver trojan provides access to a third party or rogue app store and leverages security flaws in Apple’s DRM technology to install itself onto non-jailbroken devices without any warnings to the user. The AceDeceiver Trojan also acts as a phishing attack, asking the user for his or her Apple ID and password. The credentials are then sent to the attackers in China. This vulnerability was live in the App Store for over two months, and apps infected with the Trojan are still found on enterprise devices today.
- Android for Work improves enterprise experience, but low OS upgrades leave organizations at risk – IT Administered Work Profiles could prove helpful, new VPN functionality helps prevent corporate data leakage and overall security improvements all make Android more attractive for enterprise use, but with most devices not on the latest Android software, risk remains high.
To download the Q2 2016 Appthority Enterprise Mobile Threat Report, please visit: http://info.appthority.com/-q2-2016-mtr-download
Appthority’s Enterprise Mobile Threat Team (EMTT) monitors and researches the latest mobile risks that are direct threats to the enterprise. The EMTT is composed of security industry veterans that have decades of experience in protecting mobile devices.
Appthority provides the industry’s first all-in-one App Risk Management service that employs dynamic and behavioral analysis to immediately discover the hidden actions of apps and empower organizations to apply custom policies to prevent unwanted app behaviors. Having analyzed more than three million apps for its Global 2000 and government customers, only Appthority combines the largest global database of analyzed public and private apps with advanced policy management tools to automate control over risky app actions and protect corporate data. Appthority delivers visibility and trust to enterprises and their rapidly expanding app ecosystems. Headquartered in San Francisco, Appthority is venture-backed by U.S. Venture Partners and Venrock and additionally funded by Blue Coat Systems, and Knollwood Investment Advisory. More information on Appthority can be found at: https://www.appthority.com/
Appthority name and logo are either registered trademarks or trademarks of Appthority, Inc. in the United States and/or other countries. All other products and/or services referenced are trademarks of their respective companies.
MSLGROUP for Appthority
+1 (415) 512-0770