A new report reveals a continued growth toward mobile-powered business along with the increasingly sophisticated security risks facing it, including spyware, phishing and ransomware.
This year’s Zimperium’s Global Mobile Threat Report 2023 examines trends that shaped the mobile security landscape over the last year and draws on the research from Zimperium’s zLabs researchers, as well as third-party industry data, partner insights and observations from leading industry influencers. Key among the findings is that 43% of all compromised devices were fully exploited (not jailbroken or rooted), an increase of 187% year-over-year.
Key report highlights
- 80% of phishing sites target mobile devices specifically or are designed to function both on desktop and mobile. Meanwhile, the average user is six to 10 times more likely to fall for SMS phishing attacks than email-based attacks.
- During 2022, Zimperium detected an average of four malicious/phishing links clicked for every device covered with its anti-phishing technology.
- EMEA and North America have the highest percentage of devices being impacted by spyware, with EMEA at 35% and North America at 25%.
- Both Apple and Android saw increasing instances of detected vulnerabilities. There was a 138% increase in critical Android vulnerabilities discovered in 2022, while Apple iOS accounted for 80% of the zero-day vulnerabilities actively being exploited in the wild.
- Between 2021 and 2022, the total number of unique mobile malware samples rose 51%, with more than 920,000 samples detected, including Dirty RatMilad, MoneyMonger and Dark Herring.
- In 2021, according to the report, malware was detected on 1 out of 50 Android devices. It increased in 2022 to 1 out of every 20 devices.
- Improper cloud storage configurations in mobile apps are a leading attack surface. Zimperium analysis concluded that ±2% of all iOS and ±10% of all Android mobile apps accessed insecure cloud instances.