Post preview
Request a Personalized DerScanner Demo

The Most High-Risk Mobile Vulnerabilities and How to Protect your data

Mobile apps that process personal data and access device’s internal files, camera, and microphone present hackers with all kinds of opportunities. Daniil Chernov, Chief Technical Officer, DerSecur LTD., summarized the most high-risk mobile vulnerabilities, the consequences of exploiting them, as well as protection measures.

The worst issue to deal with is when a data channel between a user device and app developer's server is compromised. An attack can succeed if the data is not encrypted and a particular server and app are not verified as eligible for interaction.

Connecting to an open Wi-Fi network implies the risk of an attacker appearing between the server and app – a man-in-the-middle attack. The attacker relays communication between the two, which means that the user could lose personal, financial or account data (depending on the app function), make a wrong transaction, etc. If you need to log in to a banking app or any other program that processes valuable information, our expert strongly advises against connecting to public Wi-Fi networks.

Our expert also highlights another group of vulnerabilities which hackers can exploit by writing malicious code. A user may face various consequences, including data interception and blackmailing. Data can also be sold on the darknet, or the attacker might take full control over the device and act on behalf of the victim. Performance degradation, lags, and rapid battery depletion are possible flags of the malware presence on your device.

It is recommended to set up automatic app and OS updates, and allow new apps to access only the resources they need to perform their functions. Android users should employ antivirus software, download apps only from Google Play, transfer files from trusted sources, and never root devices, just like iOS users should stay away from jailbreaking.


Request a Personalized DerScanner Demo
Building a secure development process for a retailer. Part 4 Summary of a major project
Interview at GISEC 2023
SDLC, or How to Make Development More Secure?