Mobile app security still not up to the point

Mobile app security still not up to the point

November 4, 2020 Off By admin

Security is rarely mentioned when referring to mobile applications.

Where we rarely talk about mobile applications when we talk about computer security. Yet this is a fact not to be overlooked. Today, much of the Internet traffic and other uses of digital technology are largely based on mobile applications. Because in terms of increasing use, smartphones and tablets are breaking all records. Unfortunately, in 2019, there has been an increase in the number of cyber attacks using mobile applications. Examples include hacking dozens of WhatsApp accounts target in particular. The hacking of a government application supposedly very secure of the name of tchap. The deactivation of the 7-Eleven grocery payment app, allowing cyber criminals to steal loans of 500 euros to each user.

This article will also interest you: Mobile app security still not at the point Computer security: 25 apps removed from PlayStore by Google

If Face has all these examples one would have thought that mobile app publishers could have learned a lesson from this, however vulnerabilities continue to be increasing and the impacts on businesses are being observed almost every month. Like what:

– during April of this year, ZecOps cybersecurity researchers discovered the possibility of attacking the native email app on iOS;

– during the month of May, the polling application Wishbone victim is affected by a cyberattack. Nearly 40 million users have had their passwords stolen and other personal information. Yet in 2017 a similar computer attack was recorded at the level of the application's publisher. At the time, only two million emails had been stolen. But the problem could have been avoided again.

– during the month of February 2020, ethical hackers had managed to accumulate vulnerabilities of the McDonald's application in order to suffer unlimited burgers. Fortunately for the company, they informed them.

There are also several reasons for the different security issues affecting mobile applications. First, it should be mentioned that smartphones are now very popular as we have meant above. It is valued at nearly the 3.5 billion in circulation. There are applications. To be used by more than 100 million people. For example, WhatsApp alone has 1.5 billion regular users, including very important people. So many users is of course has to pull hackers who sees in a source of not insignificant revenue. Second, whether it's Android or iOS, publishers are putting all the means at their disposal to make their operating systems as secure as possible. And efforts often feel in a crazy competition to determine who best protects the give to users. Unfortunately, this creates a position of trust that in some way undermines the safety of users. Indeed, the sense of confidence generated by this crazy race will push mobile app publishers to lower their guards and make less effort. For them, the operating system handles the issue of security.

"The result of the two previous points is a glaring lack of "safety culture" among mobile development players: not only in many developers, but also in designers, designers, and even management teams. explains Hervé Bérenger. "Unlike UX, an area where the virtually cross-cultural collaborations between developers, designers and project managers are numerous and fruitful, security is the great forgotten of mobile design. Instead of being everyone's business, it is nobody's business. This is a school case of the "not my job" syndrome: if I am not responsible for the security of my app, then I will not be guilty if it gets hacked. he adds. "The best-known applications ignore basic safety rules. One might think that security problems, it is well known, only happen to others, and that it is necessary anyway to deploy ultra-sophisticated techniques to compromise an app – like the amazing methods of technicality deployed by NSO Group when it attacked WhatsApp. It is not. ».

Now access an unlimited number of passwords:

Check out our hacking software