Monday, July 15, 2024

Personal Data of Over 100 Million Users Leaked Due to Misconfiguration in 23 Android Apps

It has become common to see apps and companies suffer cyber attacks that result in massive data breaches.

Recently, a team of security researchers at Check Point reported a massive data breach in which the data of 100 million users was exposed. The breach happened due to a series of insecure configurations of third-party cloud services.

According to the security report from Check Point Research, 23 Android applications in total were compromised, and the threat actors have found the compromised data in the unprotected real-time databases.

The most shocking thing about these 23 Android apps is their download counts, which range from 10,000 to 10 million each.

Data involved

The cybersecurity researchers state that the following types of personal data were compromised in this breach:

  • Email addresses
  • Private messages
  • Personal photos
  • Passwords
  • User ID
  • Username
  • Push notifications
  • Screen recording
  • User location
  • Personal files
  • Payment details
  • Private chats
  • Dates of birth
  • Gender
  • Phone numbers

More Than 100 Million Users’ Data Exposed

As noted above, 23 applications were compromised, and the personal data of more than 100 million users of these Android apps was exposed.

The breach happened solely because the app developers misconfigured third-party services. This is bad practice, and it also shows how seriously developers take security measures nowadays.

The security analysts discovered the breach only through a routine investigation, which they carried out on these 23 apps as a routine security checkup.

In their investigation, they found real-time databases that had no security or protection of any kind. The analysts easily gained access to the users' exposed personal data, such as email addresses, usernames, passwords, photos, chats, and messages.

Using a real-time database is common among app developers, who use this technology to store data in the cloud and synchronize it with their users in real time.

Hiding the keys

During the investigation, the researchers also discovered other sensitive developer details embedded in some of the apps they tested.

They also affirmed that they discovered credentials for push notification services in one of the tested applications.

Among the 23 apps, the security experts found cloud storage keys in two popular apps, Screen Recorder and iFax. Screen Recorder is available on Google Play with more than 10 million installations.

By relying on obscurity instead of real protection, some developers are unintentionally compromising their users' data and privacy. The researchers allege that some developers used base64 encoding for these values, which leaves them unprotected because anyone can decode them.
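Base64 is a reversible encoding, so a key stored this way is as exposed as one stored in plain text. The pre-release check below is an added example, not code from the Check Point report or from any of the apps; the rule patterns, string names and sample values are constructed for illustration.

```python
import base64
import binascii
import re

# Illustrative rules only (assumption); real scanners use provider-specific patterns.
SECRET_PATTERNS = {
    "key_assignment": re.compile(
        r"(?i)\b(?:access|secret|api|storage)[_-]?key\s*[=:]\s*[\w/+-]{16,}"),
    "private_key_block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
}
BASE64_RUN = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")

def match_secrets(text):
    """Return the names of the rules that match text."""
    return [name for name, rx in SECRET_PATTERNS.items() if rx.search(text)]

def try_base64(token):
    """Decode token if it is valid base64 holding printable text, else None."""
    try:
        text = base64.b64decode(token, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    return text if text.isprintable() else None

def scan_strings(strings):
    """Scan {name: value} app strings for plain and base64-wrapped secrets."""
    findings = []
    for name, value in strings.items():
        findings += [(name, rule, "plain") for rule in match_secrets(value)]
        for token in BASE64_RUN.findall(value):
            decoded = try_base64(token)
            if decoded:
                findings += [(name, rule, "base64") for rule in match_secrets(decoded)]
    return findings

# Constructed sample: string resources as they might appear in an unpacked app build.
SAMPLE_STRINGS = {
    "app_name": "Demo Recorder",
    "cfg_blob": base64.b64encode(b"storage_key=EXAMPLEONLY0123456789abcd").decode(),
    "push_cfg": "api_key: EXAMPLEONLY_push_0123456789",
    "logo_png": "iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJ",
}

if __name__ == "__main__":
    for finding in scan_strings(SAMPLE_STRINGS):
        print(finding)
```

The base64-wrapped entry is flagged exactly like the plain one, while the image data is ignored because it does not decode to text.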

Compromised apps

The security specialists at Check Point state that many of the 23 compromised apps have more than 10 million downloads on the Google Play Store and, most notably, that most of them do not have a protected database.

Astro Guru is one of these apps; it offers astrology, horoscope, and palmistry services. Because its predictions depend on several factors, users enter more data, and more accurate data, and as a result the security experts found a large amount of endangered user data in its real-time database.

Fortunately, this severe privacy error occurred in only a small number of apps, such as Screen Recorder, iFax, Logo Maker, T’Leva, and Astro Guru.

As a mitigation, the experts strongly recommend that users uninstall these apps from their Android devices immediately.

The research team at Check Point contacted Google and all the developers of these apps and reported this serious privacy error before making it public.

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.
