When signing on with another service’s account the app doesn’t keep the password or other information. What’s your opinion?Įach time a user registers and signs in on a mobile app with a normal account, the users is trusting that app to take the necessary steps to protect their e-mail, phone number, mailing address, etc. In my own research I found contradictory information about whether it’s a good idea or bad idea to register and sign in on a mobile app with Gmail or Facebook credentials. Instead, we recommend security-awareness trainings, both for individuals and companies as this may give each potential victim a fighting chance. How do hackers profit off this information? And should we be entering fake information when possible as a layer of protection?Ĭonsider that just name and email information are enough for hackers to attempt a spear-phishing attack, and an unsuspecting user can further install malware on a laptop by opening the email and clicking on malicious links.Įntering fake information cannot be considered a layer of protection. Often the data leaked by a mobile app breach is users’ real names, gender, date of birth, email addresses, IP addresses, and device details. In most cases, mobile app developers are not aware of secure coding techniques and poor coding or mistakes create exploitable vulnerabilities. This means that the security logic or sensitive information is now built outside the typical network security systems, thus putting them at risk. Modern mobile apps are required to perform at high speeds, and because of this, app developers will change an app’s infrastructure, moving some of the security logic from the backend to the front-end. Why are mobile apps so vulnerable to getting hacked and leaking user data? Are app developers doing something wrong or is it just extremely difficult to cover all the security bases necessary to prevent attacks? Lucky for me, I have first-hand access to the cybersecurity threat research experts of the Avira Protection Labs and Alexander Vukcevic was able to answer my questions. Given that it’s not one type of mobile app being targeted, I was curious to know more about the hows and whys of apps getting hacked and what users can do to protect themselves against mobile apps leaking their personal data. Most recent announcements have included the likes of comparison app Wishbone and datin g app Mobifriends, the latter leaking personal information of 3.5 million users, including email addresses, mobile numbers, and MD5-hashed passwords. And if privacy and apps are on your radar, you probably have noticed the increase of bad news when it comes to mobile apps getting hacked and suffering breaches. If you’re like me, you’re probably alert to concerns about mobile app providers monetizing and sharing your personal information with third parties.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |