New research from mobile security and management expert Wandera has found that the official UEFA Euro 2016 Fan Guide App is leaking users’ personal data. Analysis of the data traffic patterns from enterprise mobile devices reveals that highly personal user credentials, including usernames, passwords, addresses and phone numbers, are being transferred over an insecure internet connection. The app, which has more than 100,000 downloads, could therefore provide an access point for hackers to access, and potentially steal, valuable user data.
Wandera’s analysis of the Euro 2016 app took place between 25th May and 24th June 2016 and relates to both the iOS and Android versions. These exposed vulnerabilities represent the tip of the iceberg in terms of the collective threat to enterprise mobiles brought about by the football tournament.
Wandera’s SmartWire Labs team has also made some startling discoveries about the number of enterprise devices accessing malicious websites – most likely linked to an increasing number of mobile ads. Since the tournament started, Wandera has discovered 72% of recognised malicious websites and 41% of exposed passwords were detected on smartphones in France.
“Increased data usage during the beginning of Euro 2016 will come as no surprise to anyone,” said Eldar Tuvey, CEO of Wandera. “What is clear however, is that football fans are travelling across Europe, accessing apps and websites that are unfamiliar to them to access the up-to-date information they crave. Our analysis proves that even so-called ‘trusted sources’ carry risk and vulnerability – something that enterprises must be equipped to deal with.”
Interestingly, Euro 2016 is not the sole focus of the global hacking community. Additional insight from Wandera emphatically proves the significant phishing threat in Russia. Since the start of Euro 2016, a staggering 73% of all phishing incidents occurred in Russia, despite recent high profile reports of banks haemorrhaging millions of pounds to malicious threats.
Wandera also analysed gambling websites and apps in the run up to the tournament, and although there was no major increase in gambling website or app traffic, the data revealed the countries with the highest levels of gambling; Ireland, the UK and Spain, came out top. Traffic related to online advertising almost doubled during Wandera’s investigation, and peaked in Portugal, Ireland, Turkey and Spain. News and sports website traffic also increased by 38%, and the use of social networks saw a 67% surge during the month long period.
More analysis of Euro 2016’s impact on mobile security and usage can be found here.
[su_box title=”About Wandera” style=”noise” box_color=”#336588″][short_info id=’68402′ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.