There are millions of apps in the Google Play Store, but not all of them are safe to use. Security researchers have recently identified several apps that contain serious security vulnerabilities.
The first app in question
According to a Forbes contributor, a seemingly harmless app called Video AI Art Generator & Maker by developer Codeway—which has been installed nearly half a million times—leaked all of its users’ images and videos. Over 12 TB of data, including 1.5 million images and nearly 400,000 videos, ended up freely available on the internet.
The incident wasn’t malicious, but due to a configuration error in Google Cloud. It allowed anyone to access the stored data without having to identify themselves first. For users of the app, it was a disaster.
The app is no longer available in the Google Play Store, as Google responded quickly to user complaints and removed it. It had been listed since June 2023 and was used to generate images and videos quickly and easily with AI. The leaked images were all created using the app, but possibly contained private content.
That wasn’t the only leak
Another app from the same developer, called IDMerit and used for identity verification, had an equally serious security vulnerability. However, this one didn’t result in the leaking of image data, but rather exposed sensitive personal information including:
- Full names
- Home addresses
- Postal codes
- Dates of birth
- ID card numbers
- Telephone numbers
- Gender
- Email addresses
- Other metadata
All of this information could be linked to individuals in the United States and 25 other countries, including Germany, France, China, and Brazil. Sensitive personal data like this can be used by attackers to launch targeted phishing attacks and/or steal identities.
If you have an app from developer Codeway installed on your device, you should uninstall it immediately. Also, check all incoming messages or emails for signs of phishing and ignore all such suspicious requests.
How to protect yourself
When installing new apps, you should always check whether they come from a trustworthy source. Although Google checks all apps offered in the Play Store, it can’t guarantee that they’re 100% secure. This is still the responsibility of the developers.
It’s therefore best to check how many apps the provider has previously released and whether they have a trustworthy track record. Don’t be tempted by hype or trends, such as AI-driven apps. Don’t install free apps that have not been sufficiently tested.
Pay attention to the device permissions requested by apps, too. Various seals of approval, such as the “Verified Developer” badge or this symbol for VPN apps indicating that an app has been sufficiently tested.
This articles is written by : Nermeen Nabil Khear Abdelmalak
All rights reserved to : USAGOLDMIES . www.usagoldmines.com
You can Enjoy surfing our website categories and read more content in many fields you may like .
Why USAGoldMines ?
USAGoldMines is a comprehensive website offering the latest in financial, crypto, and technical news. With specialized sections for each category, it provides readers with up-to-date market insights, investment trends, and technological advancements, making it a valuable resource for investors and enthusiasts in the fast-paced financial world.