Plugavel.
  • Home
  • Tech
  • Car
  • More
    • Privacy policy
    • About us
    • Contact us
No Result
View All Result
Plugavel.
  • Home
  • Tech
  • Car
  • More
    • Privacy policy
    • About us
    • Contact us
No Result
View All Result
Plugavel.
No Result
View All Result

Data from 100 million Android app users exposed

22 de May de 2021
in Tech
23 applications parfois très populaires n’avaient rien fait pour sécuriser les données des utilisateurs, sur les services de cloud qu’elles utilisent pour gérer les bases de données et les notifications. © Check Point
ADVERTISEMENT

Very popular applications, having sometimes been downloaded more than 10 million times, suffer from serious security holes. Their developers did not protect access to users’ personal data on third-party cloud services.

You will also be interested


[EN VIDÉO] Do our smartphones kill insects?
Insects are seriously threatened by pesticides, urbanization and intensive agriculture. But cell phone waves could also be harmful to them.

E-mails, geolocation data, passwords, photos, message exchanges, personal data … These are the personal information of 100 million users ofapplications popular for Android, which are not protected from possible capture by hackers. Detected by the security company’s research laboratory Check Point, this huge flaw concerns applications, some of which reach up to 10 million downloads.

In all, this would be 23 applications for Android who would be affected by these deficiencies of security. You can find everything, like Astro Guru, an astrology, horoscope and palmistry application, downloaded over 10 million times. After users enter their personal information such as name, date of birth, gender, home, email address, and payment details, Astro Guru provides them with a personal astrology report and horoscope. . Unfortunately, this is all personal data that is not protected.

Another download champion, Screen Recorder allows the user to record the screen of the user’s device and store the recordings on a cloud service. If access to screen recordings via Cloud is a handy feature, users’ private passwords are on the same cloud service that stores recordings. Annoying … This is also the case with T’Leva, a taxi booking application that has been downloaded over 50,000 times. Check Point researchers were able to access conversations between drivers and passengers and retrieve users’ full names, phone numbers, and locations – destination and pickup.

Third-party cloud service security forgotten by developers

It all comes from a blatant lack of securing third-party cloud storage services, including real-time database processing. The same is true for services for managing the sending of notifications, for example. These are building blocks that can be easily integrated into applications by developers. But now, they completely neglect the security aspect of these third-party services and do not configure the data protection systems during their integration.

It is not only the personal data of users that is then at risk. Some features used by publishers are just as useful. A malicious person may very well gain access to the notification updates mechanism, for example. It can be a disaster if the notification prompts you to activate an update that actually has an update. viral load. To invite them to correct the situation, Check Point contacted all the editors of the applications. At present, some, but not all, have taken care to strengthen their security. Similarly, Google has been informed and has encouraged them to provide more in-depth tests for the reception of these applications on the Play Store.

What you must remember

  • Data of 100 million Android app users is unprotected
  • Developers forgot to secure databases managed on cloud services
  • Application notification management services may also be impacted

Interested in what you just read?

ShareTweetPin

We would like to send you notifications with news, you can unsubscribe at any time.

Unsubscribe

Recommended

The 5 cheapest hybrid cars in 2022

The 5 cheapest hybrid cars in 2022

16 de September de 2022
Why Choose the Premium Amazon Basics Gaming Headset?

Why Choose the Premium Amazon Basics Gaming Headset?

28 de November de 2022
Satellites will soon be able to beam electricity anywhere on Earth

Satellites will soon be able to beam electricity anywhere on Earth

16 de October de 2022
Magna seeks to set up an assembly plant in the United States

Magna seeks to set up an assembly plant in the United States

14 de September de 2022
  • Home
  • Privacy policy
  • About us
  • Contact us
© 2021 Plugavel - News about technology and cars on one site Plugavel.
No Result
View All Result
  • Home
  • Tech
  • Car
  • More
    • Privacy policy
    • About us
    • Contact us