New research suggests that mobile applications boasting tens of millions of downloads are leaking sensitive user data due to the misconfiguration of back-end cloud databases, according to Check Point.

Check Point’s three-month study began with a simple query on VirusTotal for mobile apps listed on the malware scanning service that communicates with the Firebase cloud database.

Using this method, the vendor discovered 2113 mobile apps that had their Firebase back-end exposed due to misconfigurations.

The vendor has warned: 

“While writing code, developers invest a lot of resources to harden an application against several forms of attacks. However, developers may neglect configuring the cloud database properly thus leaving real-time databases exposed, which could then result in a catastrophic breach if exploited.”

“Developers often manually change the default locked and secured configurations of security rules to run tests. If left unlocked and unprotected before releasing the application to production it leaves the database open to anyone accessing it and thus susceptible to read and write into the database,” they continued.

The post Mobile apps are exposing your data appeared first on IT Security Guru.

source

You May Also Like

Most Inspiring Women in Cyber 2021: Regina Bluman, Security Analyst at Algolia

The IT Security Guru’s Most Inspiring Women in Cyber Awards aims to…

Armis and Eseye joint solution reliably secures connected devices on cellular networks

Global connectivity specialist Eseye and agentless device security platform provider, Armis, have…

UK Government Introduces PTSI Bill to better secure IoT devices

This week, the UK government has put forward the Product Security and Telecommunications Infrastructure (PSTI) Bill to Parliament with…