Appdome is the First to Detect Agentic AI Malware on Mobile Devices

New Android & iOS Plugins Detect Agentic AI Assistants Performing In-App Surveillance and Data Exfiltration in Consumer and Enterprise Apps

REDWOOD CITY, Calif., June 17, 2025 /PRNewswire/ -- Appdome, the leader in protecting mobile businesses, today announced the availability of new dynamic defense plugins to detect and defend against Agentic AI Malware and unauthorized AI Assistants controlling Android & iOS devices and applications. The new Detect Agentic AI Malware plugins allow mobile brands and enterprises to know when Agentic AI applications interact with their mobile applications and use the data to prevent sensitive data leaks and block unvetted on-device AI Agents from accessing transaction, account, or enterprise data and services.

Agentic AI Assistants—such as Apple Siri, Google Gemini, Microsoft Copilot, OpenAI ChatGPT, and others—are increasingly available to mobile users in consumer and enterprise environments. However, the same capabilities that make AI Assistants useful to consumers and employees can also be used by Agentic AI Malware and Trojans. Good and bad AI Assistants can gain broad runtime access to screen content, UI overlays, activity streams, user interactions, and contextual data. Malicious AI Assistants can exploit this access to perform data harvesting, session hijacking, and account takeovers—often under the guise of legitimate AI functionality. On Android, this risk is amplified by more permissive APIs. On iOS, threats extend to mirroring-based leaks (e.g., via AirPlay) and enterprise-targeted surveillance.

"Mobile brands and enterprises have quickly acknowledged the risk of Agentic AI Assistants on mobile devices," said Tom Tovar, co-creator and CEO of Appdome. "Our new Detect Agentic AI Malware plugins give mobile brands and enterprises choice and control over when and how to introduce AI Assistant functionality to their users."

Agentic AI assistants have wide appeal in internal enterprise and public-facing consumer use cases. However, in consumer use cases—like banking, eWallet, and healthcare applications—some brands might take the view that, for now, the risks outweigh the benefits. Currently, whatever a good AI assistant can do, a bad AI Assistant can do. Both can access, extract or input credentials, intercept transactions, and send messages to other users. In enterprise environments, malicious AI Assistants could perform actions as the employee, accessing proprietary systems, leak sensitive documents, or create entry points for lateral compromise. Wrapped or re-skinned AI apps—especially unofficial or third-party clones of tools like ChatGPT—further increase the attack footprint, often requesting dangerous (overreaching) permissions and quietly transmitting captured data to external servers. Without real-time detection and control, mobile brands remain exposed to surveillance, compliance failures, and data loss at scale.

"The mobile application and device can only know it's an Agentic AI Assistant," said Avi Yehuda, Co-Creator and Chief Technology Officer at Appdome. "The mobile environment has no concept of "good" or "bad" actors, only allowed and disallowed access or permissions, that's the point."

Security researchers have observed that malicious AI Assistants can extract session data, cryptographic tokens, or decrypted content by analyzing on-screen information in real time. These apps often masquerade as legitimate voice assistants, and once granted access, can silently monitor users' activity. Furthermore, when coupled with generative AI models, attackers can script automated reconnaissance, tampering, or replay of sensitive operations inside apps.

"If you have sensitive data or regulated use cases on mobile, AI Assistants are no longer a hypothetical risk—they're an active one," said Kai Kenan, VP of Cyber Research at Appdome. "Detecting and controlling the use of these tools is a must-have capability for any mobile defense strategy."

Appdome's new Detect Agentic AI Malware plugin uses behavioral biometrics to detect the techniques that malicious or unauthorized AI Assistants use to interact with an Android or iOS application in real time. This includes official, third-party, or wrapped AI apps that impersonate trusted tools or gain elevated permissions. Mobile brands and enterprises can use Appdome to monitor AI Assistant use or detect and defend against Agent AI Assistants using multiple evaluation, enforcement and mitigation options. Mobile brands and enterprises can also specify any number of Trusted AI Assistants, to guarantee that users have access to approved and legitimate Agentic AI Assistants.

"A tsunami of Agentic AI—both good and bad—is approaching the mobile ecosystem. The question is no longer if, but when," said Chris Roeckl, Chief Product Officer at Appdome. "Most concerning are wrapped versions of legitimate apps, which are increasingly used to trick users into signing in, transacting, and engaging with what looks like your brand—until a malicious agent takes over. Our new dynamic defenses stop Agentic AI from weaponizing your app against your users."

To learn more about Appdome malware protection, including Detect Agentic AI Malware, please visit https://www.appdome.com/mobile-malware-prevention/.

About Appdome 
Appdome's mission is to protect every mobile business and user in the world from scams, fraud, bots, and hackers. Mobile businesses, mobile apps, mobile platforms, operating systems, and threats constantly change. Appdome's patented AI-Native XTM Platform is designed to instantly accommodate these changes by automating every aspect of mobile application and business defense – from design to build, certification, monitoring, response, support, and resolution. Appdome uses AI to deliver a growing list of 10,000s of dynamic defense plugins created to address 400+ mobile app security, anti-fraud, bot defense, anti-malware, geo compliance, social engineering, deep fake and other attack vectors on demand. Mobile applications that are built using Appdome are Certified Secure™ at build time, eliminating the need for coding, SDKs, server attestation, work, and complexity in the cyber defense lifecycle. Appdome also uses AI inside its ThreatScope™ Mobile XTM, to continuously calculate a Mobile Risk Index™ for businesses and applications as well as rank and preempt attacks in real-time. In Appdome's Threat Resolution Center™, Appdome uses GenAI to provide customer support and care teams a quick and easy way to provide end-user threat resolution and remediation. All of Appdome's in-app and bot defenses can be used with Appdome's Threat-Events™ intelligence framework. This framework gathers threat and attack metadata, and is used to inform the application, application SDKs and back end network components when threats are present or to create customized threat responses inside Android & iOS apps. As a platform, Appdome also functions as a continuous compliance center, tracking all builds, changes, teams, users, defense configurations, events and more for quick and easy audit of the mobile defense lifecycle. Appdome holds several patents including U.S. Patents 9,934,017 B2, 10,310,870 B2, 10,606,582 B2, 11,243,748 B2 and 11,294,663 B2. Additional patents pending.

View original content to download multimedia:https://www.prnewswire.com/news-releases/appdome-is-the-first-to-detect-agentic-ai-malware-on-mobile-devices-302483772.html

SOURCE Appdome