Depraved apps are creating security problems in our handsets and putting our data at risk.
According to researchers, they have discovered cloud misconfiguration in Android apps that are responsible to disclose the personal information of over 100 million users. On Thursday, a report was published by the cybersecurity firm, Check Point Research, which revealed that no less than 23 famous mobile applications have attempted misconfiguration of third-party cloud services. The dangers of unsecured applications have certainly increased, as, in this digital world, our mobile carries almost all of our data. The information that is being exposed includes user location, passwords, email address, and others, which is due to the improper development of cloud features by developers in their apps.
Well, applications with unsecured features are nothing new to the concept, as it was guessed at some point. There are millions of applications roaming around and being used, so it only makes sense that some lack standard security features. Recently, it was discovered approximately 20,000 iOS and Android apps were saving information on cloud services without implementing essential security features to protect the data. And this irresponsible act made it easy for someone to get their hands on profile pictures, passwords, and more than we know.
According to the analysis, the researchers found that not only users’ data are at risk, but apps have left their data out in the open without securing it with standard security protocol. The data includes internal resources of developers like access to storage, updating mechanisms, and more available data exposed to risk.
Researchers found Android applications with malicious act, and some of them with misconfiguration includes Astro Guru, T’Leva, and Logo Maker. According to the CPR researchers, it was discovered that Astro Guru include details like names, gender, location, payment details, date of birth, and email of users, which is open at risk, and taxi app T’Leva includes information like phone numbers, locations (destination & pick-up), and full names of over 50,000 users out in the open at risk. If a malicious actor could gain access to your data, it will attempt fraud, identity theft, and service swipes.
Despite all these hassles, there is a piece of good news, as the CPR informed Google about the unsecured applications, and some of them have already improvised the security measures to protect their and their users’ data.
How these users’ data are leaked by the Android app?
It was found out that Android apps are disclosing information about the user in different ways, which includes the first one on how they utilize cloud services. The cloud services are utilized to build a real-time database that allows developers to update their apps easily and sync them between users and apps. The data databases stored by the apps are critical, and it is an opportunity for someone who knows how to find it if the databases are not secured properly. Another reason data is exposed dues to the usage of cloud services to store the users’ data. However, the developers might not be using the personal data of users, but the real danger comes with the availability of the information to the wrong person. You can imagine how dangerous it is for your data to be available out there, as there is always someone looking to attempt malicious acts for their benefit. We have reached the year 2021, where we do not need to go through this, but somehow it is also a valuable lesson to all those installing unknown apps and sites.
If you come across a random game or apps, it is best to avoid such notifications to protect your personal information from unknown tragedy. If somehow you come in contact with using these apps, it is best to use a unique password for every online platform, as it will protect your bank statements, passwords, and investment information safe from hackers.
META- More than 23 Android apps have put their users’ data at risk and exposed information out in the open of over 100 million people. Read how you can avoid hackers.
Visit: roku.com/link