View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Software
December 12, 2013

Eighty of the top 100 paid Android and iOS apps ‘hacked’

Apple and Google app stores highly vulnerable, security firm warns.

By CBR Staff Writer

Nearly eight in ten paid apps in Apple’s and Google’s app stores have been compromised this year, with financial apps on Android particularly vulnerable, a new research found.

According to Arxan’s latest ‘State of Security in the App Economy’ report, 73% of free Android apps and 53% of free iOS apps have been hacked, compared to 80% of Android apps and 40% of iOS apps compromised last year.

Arxan CTO Kevin Morgan said that the widespread use of ‘cracked’ apps represents a real danger given the explosion of smartphone and tablet use in the workplace and home.

"Not only is IP theft costing software stakeholders millions of dollars every year, but unprotected apps are vulnerable to tampering: either through installed malware or through decompiling and reverse engineering – enabling hackers to analyse code and target core security orbusiness logic that is protecting or enabling access to sensitive corporate data," Morgan said.

Of all apps, mobile financial apps are found to be at high risk, with 53% of such Android apps being ‘cracked’, while 23% of the iOS financial apps were hacked variants.

"Pirated versions of popular software are available on numerous unofficial app stores like Cydia, app distribution sites, hacker/cracker sites and file download and torrent sites," Morgan added.

"During our research we discovered that some of the hacked versions have been downloaded over half a million times which gives a sense of the magnitude of the problem especially as we embark upon a season of high consumer activity that will involve payment transactions, and consumption of products and services via the mobile endpoint."

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

According to the report, mobile apps are still exposed to diverse hacking attacks launched via a three-step process including analysis of code, detecting software target and launching an app attack.

"The challenge for greater mobile application security remains significant and core recommendations for improving mobile application security need to be integrated early in the application development lifecycle and made a key component of any mobile first strategy," Morgan added.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.