Tuesday, April 22, 2025

40+ Apps With More Than 100 Million Downloads Exposing AWS API Keys


Cybersecurity researchers at CloudSEK have recently discovered more than 40 apps, with nearly 100 million downloads, that expose AWS API keys.

Amazon Web Services (AWS) is best known as a cloud computing platform for enterprises and small businesses, and it also serves government bodies around the globe.

AWS services and APIs are very popular and are used by millions of companies worldwide, mainly because they let companies and organisations meet their infrastructure and hosting needs with little effort.


Companies also use these services to power their websites and mobile apps, which is why the analysts note that AWS and its APIs handle a great deal of sensitive information.

Critical Vulnerability in How App Developers Use AWS

Almost every company prefers to use APIs, since they make developers' work easier and help them build apps that interact with many different sources.

APIs also help a company's developers manage the data flowing from one app to another very efficiently. APIs are the key to AWS, and API-based apps such as Facebook and LinkedIn make their APIs available to all the other apps out there.

These apps help others verify their users' identities; after their research, the security researchers found that there are apps that rely on private keys which must be kept secure.

These API keys can be easily discovered by malicious hackers, and the analysts assert that the hackers can later use them to compromise the companies' data and networks as well.

Apart from all this, the critical vulnerability lies mainly in how the apps use the APIs, not in the AWS services themselves.

Over 10,000 Apps Analyzed by the Experts

The cybersecurity experts submitted nearly 10,000 apps to BeVigil for further analysis, and found that more than 40 apps had hardcoded private AWS keys.

Moreover, CloudSEK has disclosed all of these security concerns to AWS and to the affected companies worldwide. Here are the apps whose keys have already been deactivated:-

How AWS Keys Work and Why They Were Hardcoded in the APK

After their investigation, the experts gave a brief summary of how AWS keys work: the keys enable programmatic access to AWS services without requiring the user to log in.

So why were these keys hardcoded in the APK? The reasons are listed below:-

Fetching static files from S3 buckets so they can later be displayed in the mobile app.

Uploading data collected from app users to S3.

Sending emails through the AWS SES service.

Leaked AWS Keys’ Effect

One affected app, available in the Google Play Store with more than half a million downloads, had a hardcoded AWS key and confidential secrets in its “strings.xml” file.
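A defender-side check for exactly this failure mode, added here as an example and not code from the article or from CloudSEK's BeVigil: it scans a decoded strings.xml for values shaped like AWS access key IDs and secret keys and reports them redacted, so a release pipeline can catch a hardcoded credential before the APK ships. The sample strings.xml and its placeholder key values are constructed.

```python
import re
import sys
import xml.etree.ElementTree as ET

# Constructed sample of a decoded res/values/strings.xml, as an APK decoder
# would emit it. The credential values are placeholders shaped like AWS keys.
SAMPLE_STRINGS_XML = """<?xml version="1.0" encoding="utf-8"?>
<resources>
    <string name="app_name">ExampleApp</string>
    <string name="aws_access_key">AKIAEXAMPLEKEY000001</string>
    <string name="aws_secret_key">abcdefghijklmnopqrstuvwxyz0123456789ABCD</string>
    <string name="s3_bucket">example-app-user-uploads</string>
    <string name="ses_sender">noreply@example.com</string>
</resources>
"""

# Long-term access key IDs start with AKIA (temporary STS ones with ASIA) and
# carry 16 upper-case alphanumerics. A secret key is 40 base64-style characters
# and looks like any other blob, so a suggestive resource name is also required.
ACCESS_KEY_RE = re.compile(r"\b(?:AKIA|ASIA)[A-Z0-9]{16}\b")
SECRET_KEY_RE = re.compile(r"[A-Za-z0-9/+=]{40}")
SECRET_NAME_HINT = re.compile(r"secret|aws|s3|ses|key", re.IGNORECASE)


def redact(value):
    """Keep only the first and last four characters for the report."""
    return value[:4] + "..." + value[-4:] if len(value) > 8 else "***"


def scan_strings_xml(xml_text):
    """Return findings (resource name, kind, redacted value) for one strings.xml."""
    root = ET.fromstring(xml_text.encode("utf-8"))
    findings = []
    for elem in root.iter():
        if elem.tag not in ("string", "item"):  # <item> covers string-arrays
            continue
        name = elem.get("name", "")
        value = (elem.text or "").strip()
        match = ACCESS_KEY_RE.search(value)
        if match:
            findings.append({"name": name, "kind": "aws_access_key_id", "value": redact(match.group(0))})
        elif SECRET_KEY_RE.fullmatch(value) and SECRET_NAME_HINT.search(name):
            findings.append({"name": name, "kind": "aws_secret_access_key", "value": redact(value)})
    return findings


if __name__ == "__main__":
    # Pass a decoded strings.xml path to scan it; with no argument the constructed sample is used.
    text = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE_STRINGS_XML
    for finding in scan_strings_xml(text):
        print(f"{finding['kind']}: resource '{finding['name']}' = {finding['value']}")
```

The 40-character secret pattern is deliberately gated on the resource name; dropping that gate raises recall at the cost of flagging ordinary base64 blobs.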

The leaked keys had access to various AWS services, including ACM (Certificate Manager), OpsWorks, ElasticBeanstalk, Kinesis and S3.

After further analysis, the report states that the AWS keys had access to 88 S3 buckets. According to the cybersecurity experts, these 88 buckets contain nearly 10,073,444 files, and the exposed information totals 5.5 terabytes.

All of these buckets were deployed to host the files and data generated by the projects.


Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.
