• About us
  • Disclaimer
  • Privacy Policy
Monday, July 4, 2022
  • Login
  • Register
W-SE (Web - SEcurity)
  • Tech today
  • Security
    • Malware
    • Top list
  • Vulnerabilities
  • How To?
    • All
    • gaming
    • Smart phone
    • smart tv
    • software
    Software help business

    Reasons to Buy the Right Business Hardware

    Network Management Security

    How to Invest in NFT Art?

    Ideal Internet Speed for Online Gaming

    Ideal Internet Speed for Online Gaming

    AceThinker Online Video Editor and Pro

    AceThinker Online Video Editor and Pro

    DGE 1001

    Splashtop Cost

    Cyber Security Degree In Pennsylvania

    How to Secure Your PC Before Going Online Shopping

    Trending Tags

    • Web Security
    • Data Security
    • Network Security
    • Cybersecurity
  • About us
  • Disclaimer
  • Privacy Policy
  • Contact
No Result
View All Result
  • Tech today
  • Security
    • Malware
    • Top list
  • Vulnerabilities
  • How To?
    • All
    • gaming
    • Smart phone
    • smart tv
    • software
    Software help business

    Reasons to Buy the Right Business Hardware

    Network Management Security

    How to Invest in NFT Art?

    Ideal Internet Speed for Online Gaming

    Ideal Internet Speed for Online Gaming

    AceThinker Online Video Editor and Pro

    AceThinker Online Video Editor and Pro

    DGE 1001

    Splashtop Cost

    Cyber Security Degree In Pennsylvania

    How to Secure Your PC Before Going Online Shopping

    Trending Tags

    • Web Security
    • Data Security
    • Network Security
    • Cybersecurity
  • About us
  • Disclaimer
  • Privacy Policy
  • Contact
No Result
View All Result
W-SE (Web - SEcurity)
No Result
View All Result
Home Malware

4,000 Android apps on Google Play Expose User Data

Melina Richardson by Melina Richardson
in Malware, Vulnerabilities
A A

Firebase is a 2011 product of both mobile and web applications by Firebase, Inc. It was later purchased by Google in 2014.

The Firebase provides various server analytics, authentication, databases, setup, file storage, push messaging and more. Many of these services are stored in the cloud and can be conveniently used.

More than 30 percent of all applications in the Google Play Store use firebase services

Misconfigurations on Google Firebase

Comparitech ‘s security researchers found that 4.8 per cent of mobile applications that use Google Firebase to store data are not properly protected.

The misconfiguration allows anyone “to access databases that contain personal information about users, access tokens, and other data without a password or any other authentication.”

4,282 apps leaking sensitive information in the examined 515,735 Android apps on Google play, according to Comparitech’s security research team.

The misconfigured apps found by Android users to have been installed 4.22 billion times. Using such apps could put user privacy at risk.

Screenshot Capture - 2020-05-14 - 11-51-45

Following are some of the exposed data

  • E-mail addresses: 7,000,000+
  • Usernames: 4,400,000+
  • Passwords: 1,000,000+
  • Phone numbers: 5,300,000+
  • Full Name: 18,300,000+
  • Chat messages: 6,800,000+
  • GPS data: 6,200,000+
  • IP addresses: 156,000+
  • Street addresses: 560,000+

Screenshot Capture - 2020-05-14 - 11-52-16

Games related apps find weak in contrast to other apps in the group.

Screenshot Capture - 2020-05-14 - 11-52-54

“Of the 155,066 examined Firebase applications, 11,730 had the databases open to the public. 9,014 of them have received permission to publish, “the blog post reads.

By letting the user write permissions, false news can be injected, malware spread and the application database compromised.

Of the 11,730 apps revealed, 4,282 user details leaked out. These insecure URLs in the database were found to be indexed by other search engines such as Bing.

The vulnerability reported to Google on April 22, a Google spokesperson said “Firebase provides a number of features that help our developers configure their deployments securely. We provide notifications to developers about potential misconfigurations in their deployments and offer recommendations for correcting them. We are reaching out to affected developers to help them address these issues.”

Tags: Google Play
ShareTweetShare
Previous Post

Samsung Makes Autofocus Quicker in New Image Sensor

Next Post

Zero Day Initiative Researchers Publish Five Windows Zero Days

Melina Richardson

Melina Richardson

Melina Richardson is a Cyber Security Enthusiast, Security Blogger, Technical Editor, Certified Ethical Hacker, Author at Cybers Guards & w-se. Previously, he worked as a security news reporter.

Next Post
Microsoft

Zero Day Initiative Researchers Publish Five Windows Zero Days

Please login to join discussion
  • Trending
  • Comments
  • Latest
inurl technology

Latest Carding Dorks List for Sql Injection 2022

March 16, 2022
connect monitor to laptop two screens

How To Connect A Monitor To A Laptop And Use Both Screens?

February 10, 2021
how to connect two monitors to my laptop

How Do I Connect 2 Monitors To My Lenovo Laptop?

January 22, 2021
Gb Whatsapp An Unexpected Error

Gb Whatsapp An Unexpected Error

November 7, 2021
Windows Flaw

If Older Battleye software is used, Windows 10 1903 Blocked

0
Mac Os

New unpatched macOS bypass gatekeeper published online

0
Siemens Medical Products

Wormable Windows Flaw Affected Siemens Medical Products

0
Cloud Computing

5 Tips of the Personal Data Protection in the Cloud

0
Software help business

Reasons to Buy the Right Business Hardware

June 30, 2022
Business Intelligence

How Containerization Can Help with Your Automation Strategy

June 27, 2022
Private Browsing Do's And Don'ts

Private Browsing Do’s And Don’ts

June 27, 2022
The Safest Mobile Payment Options Available

The Safest Mobile Payment Options Available

June 27, 2022

Quick Links

Learnopedia
Tech Write For US
Technology Write For US
Casino Write For Us
Mr.Perfect Reviews
Cyber Security Career

Recent News

Software help business

Reasons to Buy the Right Business Hardware

June 30, 2022
Business Intelligence

How Containerization Can Help with Your Automation Strategy

June 27, 2022
Private Browsing Do's And Don'ts

Private Browsing Do’s And Don’ts

June 27, 2022
The Safest Mobile Payment Options Available

The Safest Mobile Payment Options Available

June 27, 2022
W-SE (Web – SEcurity)

W-SE regularly updates cyber attacks, hacking and events that provide IT security professionals with information throughout the world. Also offering news in W-SE. We spent two years living and sharing guidance and insights with IT experts, detailed analyzes and news.

We also train people with product reviews in different form of content.

Browse by Category

  • computer
  • Fraud & Identity
  • gaming
  • How To?
  • laptop
  • Malware
  • Microsoft
  • Mobile
  • photography
  • Privacy
  • Reviews
  • Security
  • Security Degree
  • Smart phone
  • smart tv
  • Social
  • software
  • Tech
  • Tech today
  • Top list
  • Uncategorized
  • Virus & Threats
  • Vulnerabilities
  • Website
  • What is?

Recent News

Software help business

Reasons to Buy the Right Business Hardware

June 30, 2022
Business Intelligence

How Containerization Can Help with Your Automation Strategy

June 27, 2022
  • About us
  • Contact
  • Disclaimer
  • Home
  • Privacy Policy
  • Resources
  • Support Forum
  • Tech Blog
  • Technology Write For Us
  • W-SE (Web Security)

© 2020 w-se.com - Powered by Fix Hacked Website, Cyber Special , SSL Authority Reviews Powered by Mr.Perfect Reviews.

No Result
View All Result
  • Tech today
  • Security
    • Malware
    • Top list
  • Vulnerabilities
  • How To?
  • About us
  • Disclaimer
  • Privacy Policy
  • Contact

© 2020 w-se.com - Powered by Fix Hacked Website, Cyber Special , SSL Authority Reviews Powered by Mr.Perfect Reviews.

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In