Wednesday, December 4, 2024

Android, 14 applications downloaded more than 140 million times do not protect sensitive data

Date:

Following the discovery of GriftHorse malware in more than 200 applications, a new cybersecurity scan recently conducted led to the detection of 14 Android apps at risk, with more than 140 million collective installations, that do not protect the confidential data of the users.

As the CyberNews researchers explained, these are not malware of any kind, but rather significant security risks due to Firebase configuration errors, a platform that offers especially useful functionalities such as hosting, cloud storage and databases updated in real time. Since 2014, Firebase has been one of the platforms of choice for most developers for store sensitive data like credentials (usernames and passwords), emails and more; However, the experts pointed out that a bad configuration of the service by the developer allowed them to access confidential data even without authentication.

As CyberNews explains, “Mobile app developers use Firebase real-time databases to store user records, financial information, and other sensitive data. Unfortunately, real-time databases are often managed by developers without security training, making them easy targets for malicious actors. “.

Researchers in all analyzed around 1,100 applications among the most popular in 55 different categories of the Google Play Store in the United States, finally discovering 14 at risk: among them were, for example, Universal TV remote control (possibly the most popular app with universal remote control function for televisions) e Remote control for Roku: Codematics, but also games like Hybrid Warrior: Dungeon of the Overlord.

Fortunately, the developers of these three applications and two others not mentioned have responded to CyberNews recognizing errors in the configuration and finally solving them quickly; now they are missing there are still 9 applications potentially at risk, for which CyberNews contacted Google directly to quickly notify the affected developers.

Staying in the green robot world, at the end of September we saw which were the best high-end Android smartphones of the month.

Ebenezer Robbins
Ebenezer Robbins
Introvert. Beer guru. Communicator. Travel fanatic. Web advocate. Certified alcohol geek. Tv buff. Subtly charming internet aficionado.

Share post:

Popular

More like this
Related

Practice Acrylic Nail Techniques Without Needing a Fake Hand

When you're starting your journey with acrylic nails, practice...

Inside the World of Common Snapping Turtles: Behavior and Habitat

The common snapping turtle (Chelydra serpentina) is one of...

How to Use Video Marketing to Promote B2C Products?

Video marketing has emerged as a powerful tool for...

Adapting to Change: The Future for Leopard Tortoise Environments

Leopard tortoises, known for their striking spotted shells and...