Appthority discovers app developers hard coding credentials into mobile applications using Twilio, putting users at risk

Many messaging apps these days offer users end-to-end encryption for their messages, meaning that these messages are protected from hackers who could still intercept them, but even if they did they wouldn’t be able to read them. However security is only as strong as its weakest link, something that has recently been demonstrated.According to a security report from Appthority (via Reuters), it seems that a coding error by developers has accidentally left hundreds of messaging apps vulnerable and could potentially expose private messages and calls. The exploit, which has been dubbed “Eavesdropper” is based on the Twilo Rest API or SDK, something that Reuters points out is highly coveted by hackers due to the fact that Twilo’s credentials are used in many apps used to send/receive messages and/or process phone calls.Note that this vulnerability was not an error on Twilo’s end, but rather third-party developers who accidentally hard-coded user credentials into the app’s code, making it easy for hackers to steal

Vulnerability in hundreds of messaging apps leaves user data exposed

Mobile threat protection firm Appthority discovered an exploit in almost 700 iOS and Android apps that could expose the private messages and calls of users. The company said that up to 180 million ...

Fri 10 Nov 17 from Techspot

Coding Error Leaves Hundreds Of Messaging Apps Vulnerable

Many messaging apps these days offer users end-to-end encryption for their messages, meaning that these messages are protected from hackers who could still intercept them, but even if they ...

Thu 9 Nov 17 from Ubergizmo

Researchers find hundreds of easily-breached messaging apps

The security of our personal data is top of mind right now, so the news that nearly 700 apps for iOS and Android were easily exploited to show private messages and calls is troubling, ...

Thu 9 Nov 17 from Engadget

Mobile-app errors expose data on 180 mln phones

Up to 180 million smart phone owners are at risk of having some of their text messages and calls intercepted by hackers because of a simple coding error in at least 685 mobile apps. ...

Thu 9 Nov 17 from Daily Mail

Mobile-app errors expose data on 180 million phones: security firm

(Reuters) - Up to 180 million smart phone owners are at risk of having some of their text messages and calls intercepted by hackers because of a simple coding error in at least 685 mobile apps, ...

Thu 9 Nov 17 from Reuters Technology

  • Pages: 1

Bookmark

Bookmark and Share