According to a new study from mobile defense specialist Skycure, it’s possible for the majority of US Android phone owners are in danger of having their data stolen.
The mobile defense specialist Skycure analyzed patch updates for the top 5 leading wireless carriers in the US and found out that 71 percent of mobile devices were running on security patches 2 months or even older, leaving them vulnerable to new threats. The leading wireless carriers analyzed were AT&T, MetroPCS, Sprint, T-Mobile, and Verizon and were used to determine the age of distribution of security patches.
Even though Google releases a new security update patch every month, over 6% devices were even reported to be running on security patches that are over 6 months olds. This put’s the users at a major risk, without the latest security patches these users are easy targets for cyber-attacks, malware injection and susceptible to have their data stolen.
According to the report, Android vulnerabilities rose by more than 4 times in 2016 compared to 2015. The majority of these vulnerabilities allows someone else to gain excessive privileges, along with other vulnerabilities that allow effects like corrupted memory, leakage of information, or arbitrary code execution.
According to the report, a small number of users of the overall customer base of the carriers were running on the latest security patch. According to the data analyzed, AT&T users are a ten times more likely to be running the latest security patch on their android phone. On the other hand, MetroPCS was the one with the highest percentage of out dated android phones and had the most phones running a security patch more than 3 months old.
“Malware, network attacks and advanced exploitation campaigns many times depend on unpatched vulnerabilities to be successful,” says Yair Amit, co-founder and CTO of Skycure. “It’s essential that users and companies know the moment that a device is able to remove these risks to reduce the window of vulnerability. That’s why we built this capability directly into Skycure and why we have a focus so heavily on security research. The only way to beat the bad guys is to be one step ahead of them.”
Besides showing which carriers had the most outdated security patches the report also revealed the most common types of malware, which are: adware, hidden apps, potentially unwanted apps, riskware, spyware, and trojans. There was a major growth for such apps in which their numbers increased by more than 500 percent from Q1 to Q4 of 2016.