The specialists of the information security company Zimperium analyzed more than 1.3 million applications for devices based on Android and iOS and came to a disappointing conclusion. The fact is that they found about 84 thousand Android applications and 47 thousand iOS applications that use public servers instead of private ones, which is a potential threat to the privacy of user data.
Another problem is that in some cases applications are misconfigured, which can also lead to data leakage. The source notes that developers often use public services such as Amazon Web Services, Google Cloud and Microsoft Azure to route sensitive data instead of creating their own servers.
The danger of using such applications is also that they can be used to extract not only data for further display of personalized ads, but also confidential information, including financial and payment details, passwords, etc. In addition, some applications allow you to remotely overwrite confidential data that can be used by cybercriminals for all sorts of fraud.
Zimperium employees have informed some developers of problematic applications about the existing security threat to users’ confidential data, but it is not known whether they will work to eliminate it. It is also noted that for Zimperium the task of notifying tens of thousands of developers is practically unattainable. Therefore, no specific names of companies and software products are mentioned in the report.
If you notice an error, select it with the mouse and press CTRL + ENTER.