Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

A dozen Android apps exposed data of 100M+ users

Check Point researchers found 23 Android apps that exposed the personal data of more than 100 million users. Security researchers from Check Point have discovered 23 Android applications that exposed the personal data of more than 100 million users due to misconfigurations of third-party cloud services. The experts pointed out that the misconfiguration also expose […]

Android apps

Check Point researchers found 23 Android apps that exposed the personal data of more than 100 million users.

Security researchers from Check Point have discovered 23 Android applications that exposed the personal data of more than 100 million users due to misconfigurations of third-party cloud services.

The experts pointed out that the misconfiguration also expose developer’s internal resources, such as access to update mechanisms and storage, at risk.

“This misconfiguration of real-time databases is not new, but to our surprise, the scope of the issue is still far too broad and affects millions of users.” reads the report published by the experts. “While investigating the content on the publically available database, we were able to recover a lot of sensitive information including email addresses, passwords, private chats, device location, user identifiers, and more. If a malicious actor gains access these data it could potentially result in service-swipes (ie. trying to use the same username-password combination on other services), fraud, and identity theft.”

Check Point experts were able to access the backend databases of 13 apps (i.e. Logo MakerAstro GuruT’LevaScreen Recorder, and iFax) that were found to contain sensitive information such as email addresses, passwords, personal images, private chats, location coordinates, user identifiers, social media credentials, screen recordings.

In some cases, the apps analyzed by Check Point exposed access keys that would have allowed attackers to send push notifications to all the users of the applications.

Threat actors could abuse push notification services to conduct malicious activities, such as sending out messages containing links to malicious websites set up to deliver malware or phishing sites.

Experts explained that Cloud storage on mobile applications is often used to access files shared by either the developer or the installed application.

One of the apps analyzed by the experts, named Screen Recorder, which is available on Google Play with over 10 million downloads was storing the device’s screen on a cloud service. The researchers discovered that was possible to access the cloud storage keys that allowed them to access to users’ screenshots from the device.

“While accessing screen recordings through the cloud is a convenient feature, there can be serious implications if the developers embed the secret and access keys to the same service that stores those recordings. With a quick analysis of the application file, we were able to recover the mentioned keys that grant access to each stored recording.” continues the report.

Below the full list of apps analyzed by the experts, a dozen of them have more than 10 million installations on Google Play and the majority exposes an unprotected database.

mobile apps

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Android apps)

[adrotate banner=”5″]

[adrotate banner=”13″]