1,999 popular iOS and Android apps used for financial, social networking, shopping or communication are susceptible to the FREAK attack.
Security researchers at FireEye have analyzed 10,985 apps in Google Play, each with at least one million downloads, and discovered that 1,228 were vulnerable to the FREAK (Factoring RSA Export Keys) attack made public at the beginning of the month.
Researchers say that 664 of the discovered vulnerable apps rely on the OpenSSL provided by Android, while the rest of 564 work with their own version of the library.
Things are slightly better on iOS as FireEye found only 771 apps out of 14,079 that contacted vulnerable servers. Thanks to the patch from Apple on March 9 that fixed the flaw in Secure Transport, all these products can be exploited in iOS earlier than 8.2.