Mobile Devices Face Expanding Attack Surface, ANSSI Finds in 2025 Threat Review

France’s national cybersecurity agency has released a detailed review of the current mobile threat landscape, outlining how smartphones have become exposed to a wide range of intrusion methods. The study examines how attackers reach a device, maintain access, and use the information gathered. It also shows how these threats have evolved as mobile phones became central tools for personal, professional, and government use.

The agency reports that mobile devices now face a broad and complex attack surface. Their constant connectivity, multiple built-in radios, and sensitive stored data make them valuable targets for different groups. Since 2015, threat actors have expanded their techniques, combining older strategies with new exploitation paths to gain entry, track users, or install malware without being noticed.

A significant part of the threat comes from wireless interfaces. Weaknesses in cellular protocols allow attackers to intercept traffic, monitor device activity, or exploit network features designed for legacy compatibility. Wi-Fi adds another layer of exposure through rogue access points, forced connections, or flaws in hotspot security. Bluetooth can be used to track a device or deliver malicious code when vulnerabilities are present. Near-field communication introduces additional opportunities when attackers can control a device’s physical environment.

Beyond radio interfaces, attackers rely heavily on device software. The study shows consistent use of vulnerabilities in operating systems, shared libraries, and core applications. Some methods require users to interact with a malicious message or file, while others use zero-click chains that operate silently. These techniques often target messaging apps, media processing components, browsers, and wireless stacks. Baseband processors, which handle radio communication, remain high-value targets because they operate outside the main operating system and offer limited visibility to the user.

Compromise can also occur through direct physical access. In some environments, phones are temporarily seized during border checks, police stops, or arrests. When this happens, an attacker may install malicious applications, create persistence, or extract data before the device is returned. Mandatory state-controlled apps in certain regions introduce additional risk when they collect extensive device information or bypass standard security controls.

Another section of the review focuses on application-level threats. Attackers may modify real apps, build fake versions, or bypass official app stores entirely. Some campaigns hide malicious components inside trojanized updates. Others use device management tools to take control of settings and permissions. The agency notes that social engineering still plays a major role. Phishing messages, fraudulent links, and deceptive prompts remain common ways to push users toward unsafe actions.

The ecosystem around mobile exploitation has grown as well. Private companies offer intrusion services to governments and organizations. These groups develop exploit chains, manage spyware platforms, and sell access to surveillance tools. Advertising-based intelligence providers collect large volumes of commercial data that can be repurposed for tracking. Criminal groups follow similar methods but aim for theft, extortion, or unauthorized account access. Stalkerware tools, designed to monitor individuals, continue to circulate and provide capabilities similar to more advanced platforms, though on a smaller scale.

The study documents several real-world campaigns observed in recent years. They include zero-click attacks delivered through messaging services, exploits hidden in network traffic, some campaigns that exploited telecom network-level malicious traffic to target users. Some operations rely on remote infection, while others use carefully planned physical actions. The range of techniques shows that attackers adapt to different environments and skill levels.

To reduce exposure, the agency recommends a mix of technical and behavioral steps. Users should disable Wi-Fi, Bluetooth, and NFC when they are not needed, avoid unknown or public networks, and install updates quickly. Strong and unique screen-lock codes are encouraged, along with limiting app permissions. The study advises using authentication apps instead of SMS for verification and enabling hardened operating-system modes when available. Organizations are urged to set clear policies for mobile use and support users with safe configurations.

The report concludes that smartphones will remain attractive targets because they store sensitive information and stay connected to multiple networks. The findings highlight the need for coordinated responses, including international cooperation such as the work developed by France and the United Kingdom through their joint initiative on mobile security.

Notes: This post was drafted with the assistance of AI tools and reviewed, edited, and published by humans. Image: DIW-Aigen.

Read next: The Technology Consumers Will Spend More on in the Next 5 Years



Source link

Visited 1 times, 1 visit(s) today

Related Article

The 5 most frustrating things about iOS 26 – and how I fixed them

The iOS 26 update has brought major changes to all the best iPhones, but some of those adjustments are more welcome than others. While I’ve been loving many of the best iOS 26 features since installing it on my device, I’ve also – like many – discovered a few changes that have bugged me no

ET logo

From mobile phones to cooked frogs, inside London’s biggest lost property office

Mobile phones, wallets, rucksacks, spectacles and keys top the list of the 6,000 items that arrive weekly at Transport for London’s lost property warehouse, alongside some unexpected items, including a bag of cooked frogs and an urn of ashes. “We didn’t keep them,” Transport for London manager Diana Quaye said of the frogs. A sandwich

Upgrade To A New Fleet Of Apple Devices With T-Mobile’s Black Friday Deal

We’ve already learned some of the deals T-Mobile is rolling out for Black Friday. And they’re great. But if those didn’t do the trick and you were waiting on the company to roll out some more of them, it actually just did that—and these are just as great. T-Mobile is adding more deals to complement

How cheaters are using a totally obvious iPhone app to chat, and most partners never think to check it |

iphone Notes app/ AppleInsider When people look for signs of cheating, they comb through WhatsApp, Instagram DMs, TikTok messages or those sneaky “calculator” vault apps. Almost nobody thinks to open Notes, a totally utilitarian app meant for grocery lists, reminders, and random mental scraps. And that’s exactly why, as private investigators and social-media sleuths are

Iranian Phones Now Made Without a Factory

WANA (Nov 29) – Iranian manufacturers and technology specialists have announced progress in mobile phone production using a “factory-free” model, a method highlighted for its low initial investment, high profitability, and export potential. The initiative goes beyond simple assembly, emphasizing innovation and the development of locally produced technologies.   During the presentation of the project,

Save on phone plans at T-Mobile, Verizon and more

Black Friday phone plan deals are available from major carriers and budget-friendly providers. Carriers like T-Mobile, Verizon, and AT&T are offering deals on new iPhones and tech bundles. Budget-friendly options include discounts from Tello, Total Wireless, and Mint Mobile. Black Friday 2025 officially begins on Friday, November 28, with deals lasting through Cyber Monday. You’re

How much will Google’s new laptops copy from Android phones

I think Android laptops are happening in part because Google does not see a future where Chromebooks rival Mac and Windows for market share. All the success Google has in various consumer form factors comes down to Android. To that end, one of my biggest questions about this reboot of Google’s desktop strategy is how

10 Best Black Friday Phone Deals (2025)

It’s the best time of year to buy a new smartphone. I review dozens and dozens of handsets every year, and I exclusively recommend you buy them unlocked—don’t be beholden to a carrier! But the sticker shock of a new phone can be scary; these Black Friday phone deals can help ease the burden on

Still having iOS 26 battery life problems? Try these 5 fixes to improve it

If you’ve recently downloaded iOS 26 then you might have noticed your phone’s battery isn’t lasting as long as it was previously. Some temporary issues are normal, as your phone will be working harder in the background for a while to do things like index files. But if your battery issues are longer lasting –

Free iPhone and Samsung Bundles With iPads, Watches, and More

Why we love T-Mobile’s Black Friday deal If you’re lucky enough to be up for renewal on your phone plan, Black Friday is the perfect time to do it. Both major cell service providers and smaller MVNOs are dropping their prices to commemorate the holiday, making it the perfect time to lock in a great

Pininfarina is designing a phone again, but can it erase the past?

I’m interested in design, I like cars, and (obviously) I like phones. I’m usually quite excited when all these things come together, so when phone maker Infinix started teasing a partnership with legendary design house Pininfarina, my excitement levels should have been off the charts. Yet I’m holding back, and here’s why. What’s the announcement?

Amazon Is Blocking These Streaming Apps On Your Fire TV Stick

Homesh Nasre/Getty Images While many of us have cut the cord and switched exclusively to streaming content, all those services and their monthly subscription fees add up. It’s no surprise that people seek out alternative ways to get content to help manage costs. Unfortunately, not all of

Vitalik Buterin Donates $765K in Ethereum to Privacy Messaging Apps

In brief Ethereum co-founder Vitalik Buterin has donated $765,000 in ETH to two privacy messaging apps, Session and SimpleX. In a tweet, Buterin said that, encrypted messaging is “critical for preserving our digital privacy.” His donation comes as privacy has become a hot topic in the crypto sector, with the Ethereum Foundation launching a privacy

Best iPad apps for unleashing and exploring your creativity

If you’re looking to explore your creativity, there are a number of iPad apps that can help you get started. Although the iPad started off as a simple device that could be used to stream content or browse the web on the go, Apple has essentially turned its iPads into powerful machines that can be

0
Would love your thoughts, please comment.x
()
x