If you use these apps, delete them now. Your Android phone may be at risk

Your Android phone may be at risk if you use these apps, delete them now



Integration of incorrectly configured cloud services in Android applications has potentially exposed the personal data of millions of users, including location, photos, and passwords.

According to Checkpoint Research (CPR), the research team behind Cyber ​​Security Vendor.

Checkpoint Software Technologies, application developers are configuring and integrating third-party cloud services into their Android applications after analysis.

In 13 instances, CPR complained of publicly available sensitive data from real-time databases, with numbers ranging from 10,000 to 10 million downloads per application.

Although CPR acknowledged that incorrect configuration of real-time databases was not a new error and that in reality, it was commonplace, it claimed that it was an attempt to access all the information is provided, with no security measures in place to prevent unauthorized access.

A research team’s blog post stated, “We were able to retrieve email addresses, passwords, private chats, device locations, user identifiers, and much other sensitive information while investigating content in [publicly] available databases.

In addition, if a malicious actor gains access to that data, it may trigger service swipes – attempts to use the same username and password.

combination on other services – fraud or identity theft.

The two specific examples given include Astro Guru, astrology, horoscope, and handicraft application.

Which has more than 10 million downloads, and the taxi application T’Leva, which has more than 50,000 downloads.

With the first application, Checkpoint claimed to have found the wrong configuration.

Which could access the name, date of birth, gender, location, email, and payment details.

Meanwhile, the second application published chat messages between drivers and passengers.

As well as full names, phone numbers, destinations, and pick-up locations – in the database with just a single request.

Push notification managers – applications that can flag new content and display chat messages and emails – also have the potential for exploitation. According to the research team. Most applications of this type, checkpoint claims.

Work with a key or keys to identify the identity of the request submission.

“When these keys are simply embedded in the application file.

It is very easy for hackers to gain control and the ability to send notifications that the developer may have malicious links or content in all users.

” The CPR research team wrote.

“Imagine that a news-outlet application blocks a fake-news entry notification if it directs its users to a phishing page.

Since the notification originates from the official app.

Users will assume the notification is valid and sent by the news outlet, not the hacker. ”

Also, in some cases, access to cloud storage for mobile applications.

Which was the same cloud service to protect users’ personal passwords, raised concerns about the store’s contents.

It includes a screen recording app called Screen Recorder and a fax-sending app called iFax.

Which has over 10 million and over 500,000 downloads, respectively.

Analyzes of these applications by the Checkpoint research team found their respective cloud storage keys.

Allowing malicious actors to access potentially stored files.

Leave a Comment