
A new report has revealed that rooted devices are orders of magnitude more vulnerable to various threats.
When users root their phones, they open the door to a wide range of threats, according to an analysis by the mobile security firm Zimperium.
Over the course of one year, rooted devices are 3.5 times more likely to experience malware attacks and 12 times more likely to contain compromised apps. System compromise incidents increase by 250 times, and filesystem compromise events increase by a factor of 3,000.
“Despite a reduction in the number of rooted and jailbroken devices overall, they still represent a very serious security threat, not just to the user, but to enterprises that enable employees to access sensitive corporate apps and data from their devices,” the report reads.
Zimperium found that only 0.1% of consumer devices are jailbroken. This figure is much higher for Android than for iOS: one in 400 Android devices (0.24%) was found to be rooted, while one in 2,500 iOS phones (0.04%) was found to be jailbroken.
While rooting might offer much more flexibility and control over the device, users often sideload malicious applications, bypassing security checks like Android’s Play Integrity and sometimes resulting in a full compromise.
“These practices grant users privileged access to their device’s operating system, opening the door to a host of security risks – including malware infections, compromised apps, and full system takeovers,” Zimperium explains.
Rooting is usually an Android-specific procedure for gaining privileged access. It allows users to modify system files, remove carrier/manufacturer restrictions, and perform other off-limits actions.
Android has native support for sideloading apps, while iOS doesn’t in the US. Therefore, jailbreaking tools exist for users to sideload apps on iOS.
Android users root devices using toolkits such as Magisk, APatch, and KernelSU, while iOS users resort to Dopamine, Checkra1n, and Roothide. These tools have limited support, are incompatible with various devices, and have other limitations, as manufacturers and security vendors strive to detect tampering and limit the tools' use.
Malicious attackers and spyware often deliver rootkits as part of their attack chain to gain elevated privileges.
Zimperium's study warns companies that a single compromised device can serve as the entry point for a much larger attack, putting entire organizations at risk. The security firm offers solutions for enterprises to enforce strict mobile device policies and adopt threat detection.