According to Andrew Hoog, CEO of NowSecure:

Leaky mobile apps, not mobile malware, pose the greatest mobile threat to the enterprise, according to , a maker of mobile app security testing products. The mobile industry is mostly focused on malware. We think that is a legacy from computers….What we see driving risk in the mobile platform is the apps themselves–leaking and insecure apps,” Hoog told FierceMobileIT in an interview.

You can read the full interview here.

I don’t think Andrew actually provides any detail as to what he means by “leaky apps”. I agree with him but leaky apps and mobile malware are not mutually exclusive. I believe insecure apps lead to the spread of most mobile malware. In particular, it’s the WebView that introduces the biggest risk to consumers.

As readers of this blog, or customers of MetaCert will know, the WebView allows developers to display web pages inside the app instead of redirecting consumers to the native browser. The downside is that it’s easy for cybercriminals to spread malicious links that act as phishing websites – waiting to steal personal information or worse, install malware, spyware or ransomware in the background.