Mobile applications are quietly attracting more and more malevolent attention — and for good reason. They contain a trove of private information about their users. In the iOS universe alone, 82.78%, or about 1.55 million apps, track private user data, according to the trends tracker Exploding Topics.
Mobile apps have also proven to be particularly vulnerable attack surfaces for cybercriminals. “Invisible” points of ingress and egress inside mobile apps can be compromised before legacy security tools even detect a breach. Those points include API calls, background syncing, and push notifications.
Satish Swargam, principal security consultant at Black Duck Software, an application security company in Burlington, Mass., explained that a mobile user can grant permissions in mobile apps. “Most users do not diligently apply the permissions and broadly grant permissions, allowing malicious apps to exploit these invisible points,” he told TechNewsWorld.
What’s more, legacy tools often don’t identify suspicious behavior until it’s too late. AI-powered fraud can bypass multi-factor authentication, exploit memory-related bugs and vulnerabilities, and hijack transactions in real time.
“AI has changed the entire landscape for protecting mobile consumers, mobile transactions, mobile revenue, and mobile experiences. It’s lowered the barrier to creating attacks,” said Tom Tovar, CEO of Appdome, maker of a security and integration platform for mobile developers and enterprise professionals, in Redwood City, Calif.
“I think we’ve seen a real dark renaissance around the use of AI to create attacks, enhance them, amplify them, and levy them against more and more consumers more easily than ever,” he told TechNewsWorld.
“If you’re in the defense business, it’s an amazing time,” he said. “But if you’re just an average everyday consumer, it’s a pretty scary time.”
“AI-powered attacks both in the real world and with mobile apps are making it easier and faster for threat actors to compromise systems,” added Chris Hills, chief security strategist at BeyondTrust, a maker of privileged account management and vulnerability management solutions in Carlsbad, Calif.
“AI trained for malicious purposes can easily scan, discover, expose, and exploit flaws much more quickly than a normal human could ever,” he told TechNewsWorld. “This is why the fight to harness AI for good purposes is so important.”
Mobile App Design Lacks Built-In Security
Mobile apps are tempting targets for threat actors because they’re everywhere and packed with valuable information, said T. Frank Downs, senior director of proactive services at BlueVoyant, an enterprise cybersecurity company in New York City.
“Think about all the personal data your apps have access to — from your location and contacts to your financial details,” he told TechNewsWorld. “With everyone constantly glued to their phones, the potential for data harvesting is enormous. Plus, the mobile app landscape is so diverse, with lots of operating systems and app stores, making it challenging to roll out security measures that fit every scenario.”
© 2025 Subserve IT Solution Private Limited. All Rights Reserved.