NEWS Half the Smartphones in the World Are Defenseless. Is Yours One of Them?

ExcalibuR

Legend
LEGEND
PREMIUM
MEMBER
Joined
Jan 17, 2025
Messages
4,030
Reaction score
7,916
Deposit
11,800$
This isn't just a statistic — it’s a risk to every second user.
1746070317784.png

Half of all mobile devices worldwide still operate on outdated operating systems, leaving them highly vulnerable to cyberattacks, according to a new study by Zimperium. Amid a surge in mobile-focused cyber threats, experts warn that both personal and corporate smartphones face a growing risk of exploitation.


One of the most alarming trends is the explosion of SMS-based phishing, known as smishing, which now accounts for nearly 70% of all mobile phishing attacks. Attacks via voice calls (vishing) are also on the rise, showing a 28% year-over-year increase, while smishing alone has grown by 22%, cementing its place as a leading social engineering vector.


According to the report, the issue isn’t just that users avoid installing updates — one in four devices no longer receives updates at all. These are legacy devices with expired support, meaning no new patches or security fixes are issued, regardless of vulnerabilities discovered.


“Security isn’t optional — it’s essential.”

A recent study by Qrator Labs underscores that prolonged use of unsupported devices dramatically increases the risk of them being drafted into botnets. This poses a threat not only to individual users but also to entire companies, which continue to suffer from large-scale DDoS attacks originating from infected mobile endpoints.


App security is another major concern. More than 60% of iOS apps and one-third of Android apps lack even basic code protection. Nearly half of all apps are prone to data leaks, exposing sensitive information like contacts, geolocation, passwords, and other personal data to unauthorized access.


Mobile Malware on the Rise​


Mobile malware remains the top tool for attackers. Over the past year, the number of trojans has surged by 50%, with new malware families emerging — including Vultur, DroidBot, Errorfather, and BlankBot. These threats specialize in stealthy access, data harvesting, user activity monitoring, and even real-time screen capture.


An added danger comes from apps downloaded outside official app stores. Unlike Google Play or the App Store, third-party sources lack proper vetting, making them prime channels for delivering trojans, spyware, and phishing kits. Even internal corporate apps often suffer from weak architecture, insecure APIs, and a lack of fundamental protections.


Recommendations for Minimizing Risk​


Experts recommend organizations:


  • Deploy real-time mobile threat detection tools.
  • Enforce regular device updates.
  • Restrict unauthorized app installations.
  • Apply a zero-trust model for mobile access.

These steps are especially crucial as smartphones continue to evolve into core tools for handling sensitive corporate data.


Would you like a checklist for securing mobile devices in your organization or a brief for employee awareness training?
 
Top Bottom