Mobile app users are being put at risk because software developers are failing to address basic security layer flaws, according to a report from McAfee Labs.
A simulation of man-in-the-middle (MitM) attacks, which eavesdrop on computer communications, showed that login data sent from popular apps could still be intercepted, despite the bugs having been publicly disclosed by researchers from Carnegie Mellon University last September.
Of these risky apps the most popular was a photo editor that has been downloaded between 100 million and half a billion times, which had a flaw that could allow hackers to steal logins to a cloud service used to share pictures.
"Our reliance on mobile devices has been continually increasing over the past few years, with them and the applications that run on them now essential tools for both consumers and businesses," said Raj Samani, EMEA CTO for Intel Security, which owns McAfee.
"With this in mind, it is therefore important that mobile apps have the level of protection required for consumers and businesses to use them safely and so mobile app developers must take responsibility for ensuring that their applications follow secure programming and vulnerability responses."
Almost a tenth of mobile systems overseen by the company suffered an infection last year, much of which was attributed to an advertising network called AirPush.
