Mobile Security Firms Fortify Defenses as App Attacks Accelerate

Better cybersecurity may soon come to a mobile app you use in time to defend against a rising wave of data breaches, malware assaults, and AI-powered bot attacks.

Mobile app security firm Appdome on Jan. 23 released technology upgrades to its mobile app security tools. The new digital defensive product will help shield against over 100 attack vectors plaguing the digital realm.

More than just another security solution, MobileBot Defense offers a comprehensive safeguard designed to tackle the increasingly sophisticated threats in the mobile channel. Key features include a robust defense against fake, weaponized, and malware-controlled apps.

These protections are crucial in an era when deceptive applications, mimicking legitimate ones to steal user data, flood app stores.

Moreover, the product offers a powerful barrier against bot attacks and credential stuffing, which have become prevalent methods for cybercriminals to bypass standard security measures. These attacks can lead to massive data breaches, causing businesses significant financial and reputational damage.

It can also thwart DDoS attacks that can cripple an entity’s online services and prevent account takeovers that can lead to unauthorized access to user accounts. Both have severe implications for the business and its customers.

The new capabilities via extensions to MobileBot Defense make it fully portable to any web application firewall (WAF). These extensions can save mobile brands millions of dollars, extend the useful life of existing WAF infrastructures, and drive down the cost of extending bot defense to the mobile channel, according to Appdome.

“Most mobile brands have heterogeneous WAF environments or are looking to change, add, or upgrade only part of their WAF environment,” said Tom Tovar, CEO and co-creator of Appdome.

“By combining no-code, no-SDK, and no-server value proposition with full portability for bot defense, brands now have the operational flexibility to extend bot defense to the mobile channel without forklift upgrades to the entire WAF environment.”

Mobile Apps in Bot Attack Crosshairs

Mobile apps typically face a much larger attack surface than web apps, and the threats are much more varied and complex. Plus, they suffer the risk of being hit with an increasing number of malicious bot attacks on mobile apps, a significant and concerning trend in the cybersecurity landscape, according to Alan Bavosa, vice president of security products at Appdome.

“There are thousands of unique attack vectors attackers exploit within the mobile channel, attacking the device, the mobile app, and the network — usually all at once,” he told TechNewsWorld.

These include device/OS threats such as rooting/jailbreaking, rootkits/root hiding/jailbreak and root detection bypass, emulators/simulators/virtualization tools, and kernel-based attacks. Add to this list application threats such as auto-clickers, code injection, overlay attacks, and fake apps/clones, as well as network-based threats, such as MitM attacks, SSL pinning bypass, malicious proxies, session replay attacks, and more, explained Bavosa.

The increasing number of bot attacks on mobile apps, often aided by AI, is highly significant. “They pose serious threats to the security and functionality of mobile applications, users, and brands,” he warned.

“AI’s role in the sophistication and effectiveness of these attacks includes their ability to mimic human behavior and evade traditional security measures. AI-powered bots can also adapt their strategies based on the evolving defense mechanisms, making them more challenging to detect and combat,” Bavosa said.

AI-Enhanced Apps and Security Imperatives

In today’s uncertain economic climate, retailers increasingly emphasize mobile apps to fuel business growth and maximize return on investment. To achieve success, however, retailers must do more than just develop a native mobile app for their key audiences, according to Lawrence Snapp, CEO of AI-powered app developer Bryj.

“Brands must deliver on users’ heightened expectations for the mobile app experience. This includes hyper-personalizing the digital retail experience by leveraging AI to craft targeted product promotions and tailored advertisements for customers based on their purchase history, as well as utilizing AI-powered platforms to enhance app performance, discoverability, and retail customer acquisition efforts,” he told TechNewsWorld.

Snapp added, “As the most effective and affordable media channel, retailers will increasingly lean on native mobile apps for sustained business success in 2024 and beyond.”

Mobile security platform developer Zimperium stated in its Global Mobile Threat Report 2023 that there was a 51% increase in the total number of unique mobile malware samples. This surge is primarily due to mobile devices being the main endpoint for personal and professional use, making them prime targets for attackers.

“Banking trojans, in particular, provide a significant ROI for attackers, and their proliferation has drastically increased, along with attackers using novel techniques to evade traditional detection approaches. As mobile devices continue to be the central endpoint in people’s lives in the year to come, we expect to see this trend of increasing number of attacks and malware continue to grow exponentially,” Zimperium VP of Pre-Sales Americas Kern Smith told TechNewsWorld.

Transitioning to mobile ID technology could provide an added alternative to traditional mobile app security. One of the reasons why the transition toward mobile IDs is occurring at such a pace is that they are far harder to fake when compared to physical IDs, which can be duped, stolen, counterfeited, or manipulated in a variety of sophisticated and rudimentary ways, suggested Andrey Stanovnov, co-founder and CTO at IDScan.

“As individuals and businesses adopt mobile IDs and the processes to verify them, we may see a rise in fake physical identification documents that hope to slip through increasingly prevalent digital checks. This is why businesses must ensure both physical and digital verification systems are equipped to deal with illegitimate credentials, whatever form they come in,” he told TechNewsWorld.

Better Bot Defense

Unlike other anti-bot products, users can employ Appdome’s Defense platform with any cloud, hosted, or on-premises web application firewall. Further, it does not require a software development kit (SDK), mobile app code changes, or servers and offers full support for all mobile languages and frameworks.

Appdome also released real-time visibility of bot attacks in its ThreatScope Mobile XDR.

The new bot detection and analytics service allows mobile brands to measure, track, investigate, report, and respond to threats and attacks across the WAF infrastructure. It provides SOC-class visibility into mobile bot attacks and threats with a full drill-down on attacks against specific apps, devices, OSs, releases, and more, all without a separate analytics package, SDK, or device agent.

“Portability and visibility offer a ton of financial advantages for brands with a significant or growing mobile app installed base,” Chris Roeckl, chief product officer at Appdome, told TechNewsWorld.

“Where other anti-bot products force developers into siloed offerings using SDKs that work only with the SDK vendor’s WAF,” he added.

Appdome’s bot defense allows brands to preserve the existing WAF investment, unify visibility and response to bot activity across WAFs, and solve bot defense and WAF infrastructure separately, he noted.

Rate Limiting Protection

Appdome brings a measure of uniqueness to its security platform. MobileBot Defense includes a new rate-limiting feature in the app that stops mobile DDoS attacks at the source. Mobile brands can define Appdome Rate Limiting by setting thresholds for the number of attempts allowed to an endpoint within specific time intervals.

“One of the most pressing challenges facing mobile apps and their security is the fact that mobile dev teams and processes have evolved light-years ahead of traditional security methods, particularly with the use of automation everywhere,” said Bavosa.

If you look at the toolchain used by Dev teams within the typical CI/CD pipeline, everything is automated, and the tools all work together seamlessly, he observed.

On the security side, the tools, products, and services legacy security companies offer, such as SDKs, are manual and require the work of coding and constant code updates/changes, Bavosa explained. That places extreme demand on the most resource-challenged organizations — mobile dev/engineering.

“Appdome has brought to market the industry’s first and only dev tool for mobile cyber defense that allows our customers to unify their mobile app security requirements in a single platform in the CI/CD pipeline that the organization is already using to build and release mobile apps,” he said.

Multi-Vendor Compatibility

Other security solutions cannot achieve multi-vendor mobile bot defense for the mobile channel, according to Bavosa. WAF providers have their own SDKs that must be manually coded into a mobile app for the solution to work at all for mobile.

An app can only have one web application firewall SDK. Suppose you have a heterogeneous WAF environment, as most large enterprises do. In that case, you need to implement two or more SDKs, and those solutions will never work with each other, as the multiple SDKs will conflict and cause the mobile app to crash.

Appdome MobileBot Defense, on the other hand, works with multi-vendor WAFs. This compatibility provides huge cost and operational benefits to mobile brands, Bavosa concluded.