iOS devices face twice as many phishing attacks as Android


2024 brought countless new cybersecurity challenges, including significant growth in the mobile threat landscape, according to Lookout.

Threat actors, ranging from nation states to individuals, are increasingly targeting mobile devices at the start of their attacks to steal credentials and infiltrate the enterprise cloud, a pathway known as the modern kill chain. More than ever, organizations of all sizes in every industry must treat mobile targeting as a canary in the coal mine: an early indication that they could be attacked elsewhere in their infrastructure.

iOS phishing attacks increasing

Thanks to Apple's walled-garden approach, iOS is the mobile operating system of choice for most corporate organizations. This makes sense, because the complexity of an Android-heavy environment would mean managing dozens of device manufacturers.

However, just because iOS runs only on Apple devices does not mean that these users are less likely to interact with mobile phishing attacks. Unlike mobile malware, which depends on the operating system of the target device, mobile phishing attacks are web-based. This means that they can be delivered to any device via any application with a messaging function.

Lookout observed that in 2024 threat actors targeted 26% of iOS devices with phishing attacks, compared to Android users (12%).

Vulnerabilities, no matter where they exist, can be a very effective point of initial access for a threat actor. Mobile operating systems and applications have vulnerabilities in their code like any other software, and most often these vulnerabilities can be exploited by simply sending a link to the target device.

Zero-click exploitation is a tactic used by threat actors in the mobile landscape, which means that security teams have little or no time to act if an employee's device is vulnerable. Known vulnerabilities often take a few weeks to patch, and even once these fixes are available, end users take time to update their devices and applications.

427,000 malicious applications have been detected on business devices, ranging widely from infostealers to sophisticated spyware. The vast majority of malware detections were classified as trojans, followed by surveillance software and adware.

Configuration errors can compromise mobile devices

Mobile device security must now be a priority for security teams, given the increased availability of sophisticated malware, the development of state-sponsored mobile malware, a significant number of iOS zero-day vulnerabilities and heavy reliance on mobile social engineering. The most critical mobile malware families continued to skew heavily towards Android surveillance.

Globally, the APAC region has the highest phishing rates, followed by EMEA and North America.

In addition to phishing, malicious applications and software, configuration errors can occur and open the entire device to takeover. This can range from simple device settings to advanced malware that gains root access to the device. The top device configuration errors include an out-of-date operating system (29.5%), Android Security Patch Levels (ASPL) (11.5%), no device lock (12%) and no encryption (3.3%).

“Targeting mobile devices as a gateway to business clouds has become the modus operandi of modern threat actors. However, mobile devices remain a common blind spot for organizations,” said David Richardson, VP of Product, Lookout. “To stay ahead of threats, organizations must prioritize mobile security as an integral part of their global defense strategy.”