Gaming, Financial Services Apps Under Attack

Malicious actors are targeting applications developed for both Apple iOS and the Android platform, according to Digital.ai’s latest Threat Analytics Report concerning application security.

The study, based on data collected from February 1 to February 28, 2023, found nearly six in 10 (57%) monitored applications are under attack.

Android apps were identified as more susceptible to unsafe environments (76%) compared to iOS apps (55%), and Android apps were also more likely to run modified code (28%) in contrast to iOS apps (6%).

The gaming industry (63%) and financial services (FinServ) (62%) are the most targeted, driven by the potential financial gains and prestige associated with successful game hacks in the $250 billion gaming industry.

The report noted that, in lucrative sectors like gaming and finance, attackers find opportunities for monetary gain and reputation-building through hacking games.

“FinServ apps are likely to be attacked for obvious reasons: FinServ is where the money is,” explained Greg Ellis, general manager of application security at Digital.ai. “Gaming apps are just as likely to be attacked as FinServ, however—we think part of the reason why is that the gamer user base tends to be technical.”

In addition, he said there is also a financial incentive to attack games—pirated games and even cheat codes trade for real money on the internet.

“There is also considerable ‘cred’ to be earned in various dark corners of the internet for those who can claim to have been the first to ‘crack’ the most popular and best-protected games,” Ellis noted.

The report revealed that apps in other sectors, including implantable medical devices, Bluetooth-connected phone apps and retail, also have a substantial 54% likelihood of being targeted.

However there appeared to be no link between an app’s popularity and its vulnerability to attacks.

“When we started our research, we hypothesized that the most popular apps would also be the apps that were attacked most often,” Ellis explained. “We found that there was actually very little correlation between an app’s popularity and its propensity to be attacked.”

He pointed to the statistics for medical device apps, which are used by relatively few people but have a relatively high propensity for being attacked.

Several other factors contributed to the heightened risk of app attacks in 2023; for example, increased availability of reverse-engineering tools like Ghidra and dynamic instrumentation toolkits such as Frida among threat actors.

The rise of cryptocurrencies and peer-to-peer payment apps was cited as another development, which helps malicious actors with easier monetization of schemes, particularly in ransomware cases.

The expansion of nationalized attacks is also providing significant resources to threat actors, the report noted.

“About 10 years ago, the world started to see attacks that are widely considered to have been perpetrated by nation states,” Ellis noted.

Attacks such as BlackEnergy, Industroyer—even potentially LockerGoga—were, many believe, funded by the governments of rogue nations. That reinforces the connection between cybersecurity and national security, he said.

“Cybersecurity is national security, and vice versa,” Ellis said. “The trend is important because when threat actors can avail themselves of GDP-sized budgets—instead of credit-card sized budgets—the limits to what they can do expand by orders of magnitude.”

Ellis advised smartphone owners and app users to maintain the security controls on their devices and avoiding jailbreaking or rooting of the devices.

“Only get your apps from official stores—App Store and Play Store,” he added. “Consumers are generally only at risk when using an ‘enhanced’ version of the app.”

As the security landscape for applications continues to evolve, Ellis said the $100 million dollar question is where and how the next threats will begin to emerge.

“It’s a cat-and-mouse game, and mice will be mice—we can be sure of that,” he said. “And we’ll be there with what we hope is an even better mousetrap.”

Nathan Eddy

Nathan Eddy is a Berlin-based filmmaker and freelance journalist specializing in enterprise IT and security issues, health care IT and architecture.

nathan-eddy has 329 posts and counting.See all posts by nathan-eddy