The incident was due to a series of wrong security configurations of cloud services of some applications.
The personal data of more than 100 million Android mobile users have been exposed through a series of erroneous security configurations of third-party cloud services in applications for this operating system.
The information exposed by these databases included emails, chat messages, location, passwords and photos, which, in the hands of cybercriminals, could lead to fraud, identity theft and theft of services, as the company has warned of cybersecurity Check Point in a statement.
The problem is due to app developers who have exposed both their own data and the private information of millions of users by not following good practices by configuring and integrating third-party cloud services in their applications.
Specifically, the information came from the deconfiguration of real-time databases, which allow app creators to store information in the cloud, in order to ensure that they are synchronized in real time with all connected clients.
Investigating the content of certain apps that were publicly available, Check Point Research researchers found that a large amount of sensitive information was accessible, including email addresses, passwords, private chats, device location, user identifiers, and much more. more.
If a cybercriminal manages to get to this information, it could lead to a service deletion (that is, trying to use the same username and password combination in other services), fraud or identity theft.
Affected apps
The applications affected by the deconfiguration of their real-time databases have a sum of more than 100 million downloads from Android devices.
One of the apps that presents this configuration error is ‘Astro Guru’, a popular astrology, horoscope and palmistry application with more than 10 million downloads, which exposed data entered by its users to receive predictions.
Through ‘T’Leva’, a taxi app with more than 50,000 downloads, Check Point Research researchers were able to access chat messages between drivers and passengers and retrieve the full names of users, their phone numbers and their locations (destination and pickup), all with a single request to the database.
Another vulnerable application, with more than 10 million downloads, is ‘Screen Recorder’, which is used to record the screen of the user’s device and store the recordings in a cloud service, and which exposed the keys that give access to the stored recordings.
Follow the news of El Espectador on Google NewsAnother example is ‘iFax’, which not only had cloud storage access data embedded in the app, but also stored all fax transmissions there. With just a glance at the app, a cybercriminal could access each and every document sent by the 500,000 users who installed it.
The cybersecurity company has warned about the exposure of this type of information, which would allow users to receive attacks through the ‘push’ notifications of their mobile.
Following the discovery, Check Point Research contacted Google and each of the developers, prior to publishing this article. In fact, some have already changed their configuration, as indicated by the cybersecurity company.
