Thursday, 22 June 2023
Estimated reading time:2 minutes
Firebase is an app hosting platform acquired by Google in 2014. According to cybersecurity experts, the developers of the 24,000 apps available on the Play Store failed to properly configure Firebase's security system. As a result, personal data collected by all developers on their respective apps is at stake, directly accessible on Firebase's servers.
With this security hole, any experienced hacker can break into the system and steal a large amount of personal information such as email address, password, identification number, phone number, address only postage or even IP address. According to Comparitech, some databases on Firebase even contain bank information and identification photos.
All this information can be sold by hackers for high prices on the dark web. In addition, they can also insert malicious code and malware into an application. Therefore, do not alarm the vigilance of the developers.
The 24,000 Android apps affected by this vulnerability have accumulated 4.22 billion downloads worldwide. Not surprisingly, Comparitech immediately alerted Google to the discovery. For its part, the Mountain View company will contact the developers of the threatened apps.
Firebase offers a number of features to help developers set up safety. We notify developers of potential misconfigurations in their implementation and offer suggestions for correction. We are contacting affected developers to help them resolve the issue, Google said.
A comprehensive study released this past week discovered hidden "backdoor"-like behavior — like secret access keys, master passwords, and secret comma...
Using the CableOS Platform, Access Communications can transition to the next generation of broadband networks while consuming less power than traditio...