Some of The Most Popular Applications on Google Play Are Vulnerable To Massive Data Theft

The cybersecurity company Check Point has detected a vulnerability in important Google Play applications that have millions of downloads.

Popular applications like Edge Browser or Power Director are some of those affected by a vulnerability in Google Play. This has been indicated by the cybersecurity company Check Point, which has detected that the security flaw is not fully corrected.

The gap allows the other malicious apps steal crucial data of users such as contacts, login credentials, private messages, and other sensitive information. Some of the affected applications have millions of downloads.

Vulnerability actually resides in Google Play Core Library, a code created by Google. This section allows applications to streamline the update process, for example by receiving new versions during runtime and tailoring updates to the specific configuration of a specific phone model on which the application is running.

The security flaw it was discovered in august thanks to the security company Oversecured. Through it it is possible for the installed application to execute a code in any other application that depends on the vulnerable version of the library. And this bug opened the possibility for untrusted sources to copy files to a folder that was supposed to be reserved only for trusted code from Google Play.

Google has already corrected the error in Google Play, however, part of the process to strengthen security against this possible attack depends on the other developers of other applications. They must download the updated library and then incorporate it into their application code. According to Check Point research results, a considerable number of developers continued to use the vulnerable version of the library and therefore their applications remain a risk to the safety of users.

The applications identified by Check Point included Edge, XRecorder, and PowerDirector, which have been installed on 160 million devices. While this security flaw is being solved, it is always convenient that all users have a strong antivirus system on all devices, keep the mobile and any application updated to receive the code corrections made by the developers and exercise extreme caution when we go to download any application.

Previous Post Next Post