Monday, May 24, 2021 19:00 PM (GMT+7)
Security researchers at Check Point have just discovered a series of Android applications with poor security, making users vulnerable to personal data leakage when using.
The report outlines each security flaw, affecting 23 apps available on Google Play, each with between 50,000 and 10 million downloads. Most of the above applications violate privacy guidelines in collecting and storing user information.
Of these, there are 13 applications that store user data in the cloud but are not secure enough. This means hackers can easily access data from the outside. In addition, hackers can modify the developer’s notice, and replace it with malicious links or misleading content.
These vulnerabilities put at least 100 million Android users at risk of phishing, identity theft, and malware attacks.
Many Android apps can expose users to data leaks. Photo: Daily Express
Which Android apps put your data at risk?
13 out of 23 apps have poor security, allowing hackers to access public data, but Check Point only lists 5 applications that need attention:
– Astro Guru: A horoscope app with over 10 million downloads. Astro Guru stores each user’s full name, date of birth, gender, GPS location, email address, and payment information.
– iFax: A mobile fax application, which stores all documents sent by over 500,000 users in a cloud database.
– Logo Maker: A logo design app with over 170,000 users. Check Point found that the user’s full name, account ID, email, and password were all accessible.
– Screen Recorder: This app has more than 10 million downloads. The developer stored the user’s password on an unsecured cloud service, making the data vulnerable to leaks.
– T’Leva: A taxi hailing app from Angola with over 50,000 downloads, it keeps history between driver and rider, location data, full name and accessible phone number OK.
Check Point said it notified the app developers, but only Astro Guru responded, and some of the apps are still available on Google Play.
What should Android users do to keep their data safe?
The first step is to stop using the apps covered in the Check Point report, however the report only mentions 5 main apps, which means there are still at least 18 other apps that are storing data. without proper security measures in place.
You can take these precautions to keep your personal information and other important data safe, no matter what app you’re using:
– Use two-factor authentication (2FA) whenever possible.
– Retain important personal information. For example, you should not add a private home address if you feel it is not necessary, or use fake information to ensure safety.
– Use a different password for each account, and use a password manager to encrypt data.
– Limit login applications and services with Google, Facebook and Twitter accounts if possible.
– Grant application permissions to the minimum and necessary level.
These extra steps won’t completely prevent data leaks, but they can help you reduce the risk of identity theft.
More than 100 million users of nearly two dozen Android apps have had their personal data exposed.