As reported in an article by the authoritative Wired magazine, they seem to be there thousands of apps on iOS and Android that expose users' personal data due to an incorrect configuration of cloud services. Users are therefore at risk without even knowing it, what exactly is going on?
The source of the news is a research carried out by the mobile security company called Zimperium, which has detected thousands and thousands of iOS and Android applications that are exposing users' personal data due to incorrect configuration of cloud services.
Zimperium would have analyzed over 1,3 million applications present on the Apple and Google stores, identifying errors in the configuration of cloud services that lead users' personal data to be exposed. Of the total number of apps analyzed by the company, well 131.000 (47.000 with iOS and 84.000 with Android) use third-party cloud services like AWS (Amazon Web Services), Google Cloud or Microsoft Azure instead of creating your own backend.
Of these over 130 thousand applications, research has found that 14% misconfigured the cloud services they rely on, effectively exposing users' personal data to hackers and cyber attackers of various types. This data can be recovered and even overwritten!
Shridhar Mittal, CEO of Zimperium, commented on the matter as follows:
“Hacking groups already perform this type of scan to find misconfigurations of the cloud in web services. In addition to sensitive user data, we also found network credentials, system configuration files, and server architecture keys in some of the Exposed app stores that attackers could potentially use to gain deeper access to a company's digital systems. ”
The worst part of this whole story is that this data leak is not the fault of users or cloud service providers. It is the developers, in fact, who have configured these clouds in such a way easily violated by external agents willing to get their hands on the data of unsuspecting users.
Although Zimperium went out of its way to try to contact a lot of developers of the apps it analyzed, most never responded to the request for a correction of the vulnerability. In the list of the app found in fault there would also be those made by important companies and not just small developers.
The Samsung Galaxy Buds Live True Wireless (TWS) earphones are available on Amazon for just € 129,95.