Your organization’s leadership is 12 times more likely to be the target of a security incident and nine times more likely to be the target of a data breach than they were last year. Find out how they can be protected.
Read the Datasheet
Gift Cardsharks: The Massive Threat Campaigns Circling Beneath the Surface
Learn about the attack group primarily targeting gift card retailers and the monetization techniques they use.
Get the Report
Threat Hunting Workshop Series
Join one of our security threat hunting workshops to get hands-on experience investigating and remediating threats.
Attend an Upcoming Workshop
Inside Magecart: New RiskIQ & Flashpoint Research Report
Learn about the groups and criminal underworld behind the front-page breaches.
Threat Hunting Guide: 3 Must-Haves for the Effective Modern Threat Hunter
The threat hunting landscape is constantly evolving. Learn the techniques, tactics, and tools needed to become a highly-effective threat hunter.
The digital revolution is causing businesses to invest significantly in mobile not only to make more frequent and meaningful interactions with consumers but also to feed a ravenous demand. Users downloaded over 200 billion apps in 2019 and spent more than $120 billion in app stores worldwide. In 2020, consumers will surpass those marks, as mobile usage takes up more and more of our daily lives—3.7 hours on average and rising, according to App Annie.
Although mobile apps help drive business, the mobile app threat landscape is a significant portion of an enterprise’s overall attack surface that exists beyond the firewall, where security teams often suffer from a critical lack of visibility. Threat actors have made a living taking advantage of this myopia to produce “rogue apps” that mimic well-known brands and are purpose-built to fool customers into downloading them. These imposter apps are an effective tactic because our brains recognize and make instantaneous judgments about visual stimuli. Once downloaded, they can phish users for sensitive information or upload malware to their devices.
On rare occasions, these rogue apps appear in official stores, even breaching the robust defenses of the Google Play and the Apple App stores. However, there are hundreds of less reputable app stores within the mobile app threat landscape, that represent a murky mobile underworld that exists outside of the relative safety of major stores. With many of these apps found in stores hosted in countries known for cybercrime, such as China, or outside of stores altogether on the open web (often referred to as feral apps), it’s no wonder CISOs can’t keep tabs on them. However, for businesses, even though they don’t own or manage these apps, they’re still a part of their attack surface and thus are responsible for detecting and addressing them.
With a proactive, store-first scanning mentality, RiskIQ observes and categorizes the mobile app threat landscape as a user would see it, monitoring both the well-known stores like the Apple App Store and Google Play, but also more than 120 others around the world. RiskIQ also leverages daily scans of nearly two billion resources to look for mobile apps in the wild. Every app we encounter is downloaded, analyzed, and stored so that we can record changes and new versions.
The report found Blacklisted Apps were on the decline, possibly led by efforts by Google.
RiskIQ’s 2019 Mobile App Threat Landscape report is an analysis of this murky mobile app underworld spanning the open web and app stores around the world. Drawing from our daily scans, we highlight where threat actors focused their efforts in 2019 as well as trends that may carry into 2020.
Download the report for a snapshot of 2019’s mobile threat landscape and dive into emerging trends we anticipate carrying into the 2020s. Also discover:
Get the Report>>
RiskIQ is the leader in attack surface management. We help organizations discover, understand, and mitigate exposures across all digital channels.
Enrich @Splunk security with attacker-facing asset discovery. Build reports, dashboards, identify vulnerabilities, and enable proactive attack surface management. Learn more and get the app! https://bit.ly/38wV3rm
Security in Google Play is improving, but bad actors can still place mobile apps there. In 2019, RiskIQ detected 25,647 blacklisted apps in the Google Play Store.
'Joker' Android Malware Pulls Another Trick to Land on Google's Play Store http://ow.ly/xniR50AuqJ6 by @jaivijayan #Android #malware #GooglePlay #mobile
Digital change expands what lives outside the firewall. We checked and counted up what we saw. Get the report and take command of your digital attack surface. https://bit.ly/3cOzJ0T
Ready to achieve #ThreatHunting mastery? Check out our most recent threat hunting workshop - we'll show you how to discover unknowns and investigate threats across your organization's attack surface https://bit.ly/2BUDF3V
As the pandemic rages on, we have an election coming up and that brings another round of targeted and themed attacks. RiskIQ Security Intelligence Services Add-on for Splunk helps you extend your program, protecting your organization and constituents. #protect2020 https://twitter.com/RiskIQ/status/1281241793040916483
RiskIQ Security Intelligence Services for @Splunk puts our unmatched internet telemetry at the fingertips of Splunk users, a powerful shield from the onslaught of cybercrime leveraging current events such as #COVID19 and the election. Read more: https://bit.ly/2Oa8ZhH