September 18, 2022
Ios Android Apps are Leaking Your Data, YT Trending - Latest Technology News

Symantec, a cyber security firm, is raising concerns about the ease with which millions of people’s private information can be accessed via a variety of apps, most of which run on iOS.

The issue would be caused by the reuse of valid Amazon Web Services (AWS) tokens. This would provide access to a large amount of information.

The reuse of hard-coded Amazon Web Services tokens has been identified as a serious security flaw in 1,859 apps, 98% of which are iOS-based. In fact, we discover the reuse of the same AWS credentials in 53% of Symantec-tested applications. This data is now ten times more dangerous. The problem, according to Symantec, stems from the supply chain, particularly when developing apps with software development kits (SDKs).

Read More: Samsung Claims That in a Recent Data Breach, Hackers Were Able to Access Some Customer Data.

Data leaks are a risk with Android and iOS apps.

According to the company, the vulnerability is limited if the AWS code only allows access to a single file in the Amazon Simple Storage Service (S3), which is not the case in this case. One example is a B2B company’s SDK. This gives clients access to all of the company’s cloud infrastructure keys in addition to its platform. There are over 15,000 large and medium-sized businesses listed there. Furthermore, Symantec claims that information about customers and employees, as well as financial records, could be accidentally leaked.

Ios Android Apps are Leaking Your Data, YT Trending - Latest Technology News

According to Symantec, “the business has hard-coded the AWS access token to access the AWS translation service.” Anyone with the hard-coded access token, on the other hand, had full, unrestricted access to the B2B enterprise’s AWS cloud services, not just the translation cloud service.

The reuse of these tokens, which grant complete access to data across multiple applications, significantly increases the risk of leakage. Even if it is primarily unintentional on the part of developers. According to Symantec’s investigation, AWS tokens are used in 47% of the apps tested. Which not only allow access to coding-related files, such as those in a private cloud area. But also to Amazon’s millions of files (S3).

Leave a Reply

Your email address will not be published.