In the second quarter of 2024, Lookout detected over 80,000 malicious apps on enterprise mobile devices. The top ten most common mobile app vulnerabilities encountered by Lookout users were found in components of mobile browsers.
These vulnerabilities are often exploited by attackers who hope that users have not updated to patched versions, making them susceptible to attacks. David Richardson, vice president of endpoint and threat intelligence at Lookout, emphasized the success of targeting employees through mobile-based phishing attacks and recommended implementing a comprehensive defense strategy to safeguard against multiple points of compromise, including mobile, cloud, and data protection.
He also suggested viewing Mobile Device Management (MDM) as a complement to Mobile Threat Defense (MTD) solutions to effectively protect against mobile phishing and other threats that MDMs cannot address. The top three most encountered mobile malware families are IdShark spyware, the Triada trojan, and the MoneytiseSDK trojan—all of which target Android devices.
Additionally, more than 40 percent of iOS vulnerabilities disclosed in the last 18 months have had a Common Vulnerability Scoring System (CVSS) score of seven or greater, with 35 percent falling into high or critical categories, indicating that iOS is also vulnerable to security risks.