Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Thousands of Apps Leak Sensitive Data via Misconfigured Firebase Backends
#1
Quote:Thousands of iOS and Android mobile applications are exposing over 113 GBs of data via over 2,271 misconfigured Firebase databases, according to a report released this week by mobile security firm Appthority.

Firebase is a Backend-as-a-Service offering from Google that contains a vast collection of services that mobile developers can use in the creation of mobile and web-based apps.

The service is insanely popular with top Android devs, providing cloud messaging, push notifications, database, analytics, advertising, and a bunch more of other backends and APIs that they can easily plug into their projects and benefit from Google's large-scale and high-performance systems within their apps.

Appthority scanned over 2.7 million mobile apps
Starting with January 2018, Appthority researchers scanned mobile apps that used Firebase systems to store user data, analyzing the app's communications pattern for requests made to Firebase domains.

Researchers searched in particular for apps that connected to Firebase-based JSON URLs that when accessed directly, allowed any unauthorized third-party to view all the app's data.

After scanning more than 2.7 million iOS and Android apps, researchers said they identified 28,502 mobile apps (27,227 Android and 1,275 iOS) that connected and stored data inside Firebase backends.

Of these, 3,046 apps (2,446 Android and 600 iOS) saved data inside 2,271 misconfigured Firebase databases that allowed anyone to view their content.

Read the full article: HERE
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  TikTok denies security breach after hackers leak user data, source code tarekma7 0 1,880 09-06-2022 , 10:19 AM
Last Post: tarekma7
  Apple Fix for Safari Data Leak Could Come This Week mrtrout 0 808 01-24-2022 , 11:28 PM
Last Post: mrtrout
  Android apps exposed data of millions of users through cloud authentication failure mrtrout 0 1,068 05-21-2021 , 12:58 AM
Last Post: mrtrout
  How to check if your info was exposed in the Facebook data leak tarekma7 0 922 04-06-2021 , 09:18 AM
Last Post: tarekma7
  Thousands of Android and iOS Apps Leak Data From the Cloud Bjyda 0 1,131 03-05-2021 , 12:11 AM
Last Post: Bjyda

Forum Jump:


Users browsing this thread: 1 Guest(s)