Both WhatsApp Messenger and Facebook Messenger were rated 7 out of 10 for their data leakage range, a press release noted. That means the “apps access and/or send enterprise related or identifiable information,” according to the release. Both of these apps are among the top five most blacklisted apps in the enterprise as well, the report noted.
The third most risky app in iOS was Waze, while that spot in Android belonged to Telegram, according to the research. To compile its ratings, Appthority analyzed millions of ongoing mobile security scans that it performs for its enterprise customers, the release said.
SEE: Mobile device computing policy (Tech Pro Research)
“Our latest Enterprise Mobile Security Pulse Report confirms enterprise exposure to risks from excessive data gathering and sharing by commonly used social and communications apps,” Seth Hardy, Appthority director of security research, said in the release. “By shining a light on the apps and risks commonly found and blacklisted in enterprises, our goal is to help security teams better secure their data and employees and make more informed security decisions.”
Most of the blacklisted apps had previously been observed leaking data or performing other suspicious behaviors, the release said. Some of these other behaviors include disabling default HTTPS encryption and using JSPatch for hot patching, “a feature which has been banned in the App Store,” the release noted.
The top three blacklisted Android apps were Facebook Messenger, Wickr Me, and WhatsApp Messenger for Android. On iOS, the top three were Facebook Messenger, WhatsApp Messenger, and Tinder, according to the report.
In terms of where malware is actually sending leaked data, top destinations included the US, China, and Germany.
The big takeaways for tech leaders:
- WhatsApp Messenger and Facebook Messenger are the two riskiest apps in the enterprise for both iOS and Android. — Appthority, 2018
- Most apps blacklisted by the enterprise leak data or perform other malicious behaviors. — Appthority, 2018