A new threat has arisen for smartphone users. A team of researchers has identified more than 4 thousand such Android apps that steal user data. All these apps are designed on Google’s app development platform Firebase. According to researchers of Comapritech, these data leaks are due to a flaw in the database of Google Firebase.
Theft of user’s personal data
According to an estimate, more than 30 percent of the apps on the Google Play Store use the Firebase platform. Of these, Android apps that store data using Google Firebase, 4.8 are excluded from safe category. These apps allow anyone to access user data. Taking advantage of this, hackers easily steal the user’s personal data.
OnePlus 8 Pro hidden special ‘X-Ray’ feature, know how it works
Hackers can remove or add data to the server
The researchers examined 5,15,735 apps on the Play Store. Of these, there are 1,55,066 apps that use Firebase and out of these 4,282 are apps that are stealing sensitive data of the user’s phone. There are also 9,014 such apps on the play store that take read and write permission. Once the right permission is received, anyone can remove or add data to the server.
Gaming and education related apps dangerous
According to cyber security researchers, 40 percent of data leaking apps are related to gaming and education. With the help of this threat, hackers can download the user’s email ID, username, password, phone number, GPS data, home address as well as many other important data.
Realme’s gaming smartphone will give tremendous gaming experience with powerful specifications
Google is trying to fix the flaw
The researchers said that these databases can be accessed by adding ‘.json’ to the firebase URL. Google has currently removed these database URLs from search results, but they are still getting indexed on other search engines. Researchers reported this data leak to Google on 22 April. Talking about this, a Google spokesperson said, “We notify the developers about the serious flaw in the deployment configuration and also tell them how to fix it.” We are investigating this matter seriously and are also helping the developers in fixing it. ‘