Surge in Cyberattacks on Russian Mobile App Infrastructure: 200% Increase in Six Months

By Riley ThompsonTechnology News

Cyberattacks on Russian Mobile App Infrastructure Triple in Six Months

According to a report by Kommersant, citing experts from the cybersecurity company Informzashita, the number of attacks on the infrastructure of Russian mobile applications has increased by 200% over the past six months. The main issue is that half of all mobile app developments are built on the same interface as their web versions, and the mobile versions are not properly tested. This problem is further aggravated by the growing trend of downloading apps directly from company websites, bypassing Google Play and the App Store.

Key Findings from Informzashita

  • In the first half of the year, API attacks in Russia increased by 200% year-over-year.
  • These attacks include data theft, service disruptions, creation of fake accounts, and credit card fraud, especially in banking apps.
  • In 50% of cases, breaches result in denial of service, while 10% lead to account theft.

Reasons Behind the Surge

The increase in attacks is primarily linked to the removal of several Russian company apps from official app stores (Google Play and App Store) due to sanctions. Popular marketplaces began blocking Russian apps as early as spring, including products from VTB, Sber’s ecosystem, and other sanctioned companies.

“Now, these apps can only be downloaded as APK files from the company or bank’s website, but a hastily made file can be infected with a virus,” explains Informzashita expert Shamil Chich.

Security Risks and Industry Practices

Chich adds that most companies build both web and mobile versions on a single interface to save resources on development, testing, and support, but often neglect security in the process.

Daniil Chernov, Director of the Solar appScreener Center at RTK-Solar, notes that attacks on applications are the easiest way for cybercriminals to breach an organization’s perimeter and access its infrastructure. According to him, this is the most vulnerable link in organizational security after human error, and 80–90% of code consists of ready-made components, many of which contain backdoors. RTK-Solar estimates that 90% of Russian apps are at risk.

Source

Onion Market — a free P2P exchange on Telegram. We offer XMR, BTC, and USDT.TRC20.

Leave a Reply