Skip to main content
  1. Home
  2. Phones
  3. Android
  4. Apple
  5. Mobile
  6. News

Around 40% of Android and iOS apps have high-risk vulnerabilities

Add as a preferred source on Google

It looks like the apps we use may be at a higher risk of having vulnerabilities than anyone previously thought. According to a new study, which involved expert testing of iOS and Android apps, over a third of iOS and Android apps have high-risk vulnerabilities. In other words, there are likely at least a few apps that leave your data exposed.

The study comes from Positive Technologies’ Vulnerabilities and Threats Mobile Applications 2019 report and noted that the majority of vulnerabilities came in the form of insecure data storage. More specifically, 43% of Android apps were found to have vulnerabilities, while 38% of iOS apps suffered the same fate.

Recommended Videos

There’s an even bigger problem than the basic fact that there are so many vulnerable apps — and that’s the fact that 89% of those vulnerable apps can be exploited by malware, meaning that potential hackers don’t need actual physical access to exploit the vulnerabilities. According to the study, once the malware is on the device, it can get permission to access user data, and then send that data to attackers. A much smaller percentage of apps had source code vulnerabilities.

“In 2018, mobile apps were downloaded onto user devices over 205 billion times. Developers pay painstaking attention to software design in order to give us a smooth and convenient experience and people gladly install mobile apps and provide personal information. However, an alarming number of apps are critically insecure, and far less developer attention is spent on solving that issue. Stealing data from a smartphone usually doesn’t even require physical access to the device,” Leigh-Anne Galloway, cybersecurity resilience lead at Positive Technologies, said in the study.

So what can be done to prevent attacks? Well, it really comes down to consumer education. Users should take care to be aware of the apps and the data that apps are requesting, and not grant apps access to data that they don’t need. If you’re ever in doubt, always decline the request to access. Not only that, but users should never open unknown links in SMS and chat apps, and Android users should only download apps from the Google Play Store and not third-party stores.

Christian de Looper
Christian de Looper is a long-time freelance writer who has covered every facet of the consumer tech and electric vehicle…
Instagram is letting people generate AI images of you. Here’s how to stop it.
You post a selfie, a stranger types a sentence, and suddenly there's an "AI you" doing who knows what. One toggle makes it stop.
Instagram reuse setting feature

Instagram recently released its Muse AI, the company’s very own image and video generation service. On the surface, it looks like a good tool to help creators bring their imagination to life. But under the hood, it hides a scary detail that all Instagram users should be aware of. 

Even if you don’t care about the rise in AI slop this will enable, you should care that someone might be using your images and videos to do it. Yes, you read it right. Using Muse AI, anyone can use your Instagram photos and videos to create AI-generated content. 

Read more
This photo might be your first real look at the Galaxy Z Fold 8
A Reddit post claims to show Samsung's wider foldable in person, weeks before the July 22 Unpacked event.
Electronics, Speaker, Mobile Phone

Samsung's next foldables have already been picked apart by a string of leaks over the last few months. Official-looking renders have shown off the Galaxy Z Fold 8, Fold 8 Ultra, and Flip 8 in their expected colors, and reports have detailed specifications and pricing for all three, with costs said to be rising in both the US and Europe. The one thing missing was a live photo of the actual devices, and that gap just got filled.

An early look at Samsung's upcoming lineup

Read more
Spotify just gave Release Radar new controls so you can find new music your way
Spotify's Release Radar gets new session controls to filter new music by genre, artists, and more.
spotify-release-radar

If your Friday Release Radar has been feeling a little hit or miss lately, Spotify just gave you the tools to fix that. The streaming platform is rolling out a set of new session controls to Release Radar globally today, available on both mobile and desktop. The update lets you shape what your weekly new music playlist looks like, instead of listening to whatever the algorithm serves up.

What can Spotify's new Release Radar controls do?

Read more