"Mobile Devices See 466% Annual Increase in Zero-Day Attacks"

Security researchers at Zimperium have found that more than two million mobile malware samples were detected in the wild last year, with threats impacting over 10 million devices globally. The mobile security vendor compiled its 2022 Global Mobile Threat Report based on insight collected from its security research team and a survey of global tech leaders. The researchers found that over two-fifths (42%) of organizations had witnessed a security incident stemming from unpatched mobile apps or devices, while more than a fifth (23%) encountered malicious apps. The researchers also found that nearly a third (30%) of zero-day vulnerabilities in 2021 targeted mobile devices, and there was a 466% year-on-year increase in exploited zero-day vulnerabilities used in active attacks against mobile devices. Interestingly, despite its reputation as a more secure ecosystem, vulnerabilities in iOS accounted for 64% of mobile-specific zero-day attacks. The researchers noted that many of these threats start with a phishing lure. Three-quarters (75%) of the phishing sites analyzed by Zimperium specifically targeted mobile devices. The researchers also found that cloud misconfiguration is a significant cyber-related risk in the mobile sphere. Zimperium’s analysis of over 1.3 million Android and iOS apps revealed that 14% of those using public cloud backends had misconfigurations that exposed users’ personal information.

Infosecurity reports: "Mobile Devices See 466% Annual Increase in Zero-Day Attacks"