A marked surge in attacks on client-side apps could be due to the growing use of AI tools among cyber criminals, according to new research from Digital.ai.
More than eight-in-ten applications are under constant attack, marking a near 20% increase compared to last year, the study found.
Attack rates are rising fast across all industries, most significantly in telecoms, where more than nine-in-ten organizations were attacked, followed by financial services at 88%.
Notably, industries such as healthcare and automotive are now under significant threat, with 86% of automotive apps and 79% of healthcare-related applications under attack.
While Android apps have in the past been the main target, with 90% affected, the gap has narrowed. The number of iOS attacks has risen to 88%, thanks to jailbreaking and more sophisticated exploitation techniques.
Environment attacks, where apps run in compromised conditions such as rooted or jailbroken devices, affected 84% of Android apps and 80% of iOS apps.
"For enterprises, apps represent a gainful bridge to their consumers and employees, but for threat actors, these apps represent lucrative targets," said Derek Holt, CEO of Digital.ai.
"Today, we see more attackers expanding their focus to target not just flagship apps but secondary apps, plugins, add-ons and more".
Android’s open architecture raises questions
The study specifically highlighted the rise of ‘instrumentation attacks’, which involve dynamic code modification or hooking frameworks like Frida.
These were much more common on Android, researchers found, occurring at a rate of 82% compared with 44% on iOS.
A key factor here is because Android’s open architecture makes it more susceptible to runtime manipulation, whereas iOS has stronger built-in restrictions.
Integrity attacks, meanwhile, where app code is modified or repackaged, affected 52% of Android apps and 23.3% of iOS apps.
Again, Android’s app distribution model and third-party app stores make it easier for attackers to distribute modified apps, whereas iOS has tighter app store controls.
Attack surfaces are growing
Concerningly, the attack surface is growing, with Apple’s App Store and the Google Play store together offering nearly four million apps for downloads, with 137.8 billion downloads in 2024.
The rise of effective and freely-available AI tools has made it easier than ever for threat actors to easily reverse-engineer, analyze, and exploit many of these applications.
It’s also given rise to a burgeoning community of threat actors, many of whom are taking advantage of reverse-engineering tools such as Frida and Ghidra, sharing ideas, tips, and tricks.
RELATED WHITEPAPER
Meanwhile, AI tools are fueling a further rise in the rapid development of malware, while supporting threat actors in conducting source code analysis.
"As AI exponentially increases the capabilities of threat actors, businesses must dramatically increase their ability to protect and monitor all applications against reverse engineering, tampering, and man-in-the-middle attacks," said Holt.
"Delivering applications without these security protections is like leaving your front door unlocked and wide open."
MORE FROM ITPRO
-
CISOs bet big on AI tools to reduce mounting cost pressuresNews AI automation is a top priority for CISOs, though data quality, privacy, and a lack of in-house expertise are common hurdles
-
The FBI says hackers are using AI voice clones to impersonate US government officialsNews The campaign uses AI voice generation to send messages pretending to be from high-ranking figures
-
Almost a third of workers are covertly using AI at work – here’s why that’s a terrible ideaNews Employers need to get wise to the use of unauthorized AI tools and tighten up policies
-
Foreign AI model launches may have improved trust in US AI developers, says Mandiant CTO – as he warns Chinese cyber attacks are at an “unprecedented level”News Concerns about enterprise AI deployments have faded due to greater understanding of the technology and negative examples in the international community, according to Mandiant CTO Charles Carmakal.
-
Security experts issue warning over the rise of 'gray bot' AI web scrapersNews While not malicious, the bots can overwhelm web applications in a way similar to bad actors
-
Law enforcement needs to fight fire with fire on AI threatsNews UK law enforcement agencies have been urged to employ a more proactive approach to AI-related cyber crime as threats posed by the technology accelerate.
-
OpenAI announces five-fold increase in bug bounty rewardNews OpenAI has announced a slew of new cybersecurity initiatives, including a 500% increase to the maximum award for its bug bounty program.
-
Multichannel attacks are becoming a serious threat for enterprises – and AI is fueling the surgeNews Organizations are seeing a steep rise in multichannel attacks fueled in part by an uptick in AI cyber crime, new research from SoSafe has found.
