Tech Gaming Report

Latest Tech & Gaming News

Android, 14 applications downloaded more than 140 million times do not protect sensitive data

Android, 14 applications downloaded more than 140 million times do not protect sensitive data

Following the discovery of GriftHorse malware in more than 200 applications, a new cybersecurity scan recently conducted led to the detection of 14 Android apps at risk, with more than 140 million collective installations, that do not protect the confidential data of the users.

As the CyberNews researchers explained, these are not malware of any kind, but rather significant security risks due to Firebase configuration errors, a platform that offers especially useful functionalities such as hosting, cloud storage and databases updated in real time. Since 2014, Firebase has been one of the platforms of choice for most developers for store sensitive data like credentials (usernames and passwords), emails and more; However, the experts pointed out that a bad configuration of the service by the developer allowed them to access confidential data even without authentication.

As CyberNews explains, “Mobile app developers use Firebase real-time databases to store user records, financial information, and other sensitive data. Unfortunately, real-time databases are often managed by developers without security training, making them easy targets for malicious actors. “.

Researchers in all analyzed around 1,100 applications among the most popular in 55 different categories of the Google Play Store in the United States, finally discovering 14 at risk: among them were, for example, Universal TV remote control (possibly the most popular app with universal remote control function for televisions) e Remote control for Roku: Codematics, but also games like Hybrid Warrior: Dungeon of the Overlord.

Fortunately, the developers of these three applications and two others not mentioned have responded to CyberNews recognizing errors in the configuration and finally solving them quickly; now they are missing there are still 9 applications potentially at risk, for which CyberNews contacted Google directly to quickly notify the affected developers.

See also  Cislago: discharge asbestos and die. The heir: "I you should not pay out, it wasn't me"

Staying in the green robot world, at the end of September we saw which were the best high-end Android smartphones of the month.