The eight Android and iOS apps fail to protect user data by transmitting sensitive information, such as device details, geolocation, and credentials, over HTTP instead of HTTPS. This exposes data to theft, eavesdropping, and man-in-the-middle attacks, highlighting poor implementation of encryption.
Klara Weather and Military Dating apps pose security risks due to unencrypted data transmission. Klara Weather, in particular, leaks user geolocation data over HTTP, exposing sensitive privacy information.
The Military Dating app sends unencrypted usernames and passwords, making them vulnerable to interception and compromise, which could lead to unauthorized access, identity theft, or other malicious activities.
The Android apps Sina Finance and CP Plus Intelli Serve pose security risks by leaking sensitive device information, such as device ID, SDK version, and IMEI, over unencrypted HTTP connections, which exposes users to tracking and profiling. CP Plus Intelli Serve also transmits usernames and passwords in plain text, making them vulnerable to interception. Both apps lack basic security measures like HTTPS encryption, leaving user data exposed to privacy and security breaches.
Latvijas Pasts and HaloVPN, with over 100,000 and 13,300 downloads respectively, pose security risks by transmitting sensitive user data unencrypted. Latvijas Pasts leaks user geolocation over HTTP, while HaloVPN exposes device information, including ID, language, model, name, time zone, and SIM details.
The apps i-Boating: Marine Charts & GPS and Texas Storm Chasers transmit sensitive user data over unencrypted HTTP connections. i-Boating sends device information like type and OS version, while Texas Storm Chasers transmits user geolocation, exposing users to risks like eavesdropping and data interception.
Unencrypted data transmission in mobile apps creates serious security risks for users. Developers should use HTTPS, encrypt sensitive data, conduct security audits, and focus on protecting user data.
Symantec advises users to protect their devices by installing a trusted security app, avoiding downloads from untrusted sources, keeping software up to date, reviewing app permissions, and regularly backing up important data.
Follow Us on: Twitter, Instagram, Facebook to get the latest security news!
Leave A Comment