The State of Payment Apps’ Malware Defense
Q3, 2023
In our Q3 report, our team used the screen reader previously used against the world’s most-used financial services apps. This screen reader exfiltrates data like real-world malware. We used this tool to see if we could extract sensitive information from 73 of the world’s most-used payment apps to assess their security level and understand how they tackle a common malware-style exfiltration attack.
Download the report to learn about:
- Android Accessibility services and how malicious actors exploit them to spread malware
- The results from our real-world testing of how 100 of the leading Android payment apps fare against screen reader attacks
- Don’t miss our Security team’s recommendations to stay one step ahead of cyber threats
The State of Financial Services’ Malware Defense
Q2, 2023
Malware continues to target financial services apps. According to SecureList, more than 57,000 banking trojans were observed in Q1 2023, up 19% over Q4 2022. These trojans can steal customer credentials, observe, and record personal data and sometimes conduct transactions.
Download the report to learn about:
- Android Accessibility services and how malicious actors exploit them to spread malware
- The results from our real-world testing of how 100 of the leading Android banking and financial apps fare against screen reader attacks
- Don’t miss our Security team’s recommendations to stay one step ahead of cyber threats
The State of Game Security
Q1, 2023
This report reviews mobile gaming security, exploring how the top games by revenue protect themselves against hooking frameworks, repackaging, and rooted devices.
Our Q1 report explores the overall security level for mobile games. To assess that level, we checked more than 350 Android games to see how they fared against our repackaging attacks, deployment of hooking frameworks, and how they handled the detection of a rooted device. Initial results showed that most apps were vulnerable to our attacks.
The State of Repackaging
Q4, 2022
Securing today’s mobile applications requires protecting not only the app code while at rest, but also the entire app process when in runtime. As attacks have grown more sophisticated, so too have the tools and techniques to mitigate and protect against these attacks.
Our Q4 report specifically explores repackaging, a code alteration or injection attack primarily directed at Android apps, in particular banking and finance apps. In the report, you will find a short primer on repackaging, followed by a review of the hundreds of financial services apps across various sectors, install bases and regions to assess the overall level of security against this common attack.