Eavesdropper Vulnerability Exposes Hundreds of Mobile Apps

DooKey

[H]F Junkie
Joined
Apr 25, 2001
Messages
12,316
Appthority on Thursday warned that up to 700 apps in the enterprise mobile environment, including more than 170 that were live in official app stores, could be at risk to due to the Eavesdropper vulnerability. The vulnerability has resulted in large-scale data exposure, Appthority said. This vulnerability was first discovered back in April, but it appears no one is taking is seriously. This seems like a significant vulnerability to me and could result in sensitive information being exposed. Fix your code!

The vulnerability reportedly exposes massive amounts of sensitive and even historic data, including call records, minutes of the calls made on mobile devices, and minutes of call audio recordings, as well as the content of SMS and MMS text messages.
 

Sonicks

[H]ard|Gawd
Joined
Jul 24, 2005
Messages
1,401
People can hate Apple's "walled garden" (stupid phrase) approach but it would seem that these articles come out once a month are only regarding the Android OS and their app ecosystem.
 

Track Drew

Limp Gawd
Joined
Dec 6, 2007
Messages
511
People can hate Apple's "walled garden" (stupid phrase) approach but it would seem that these articles come out once a month are only regarding the Android OS and their app ecosystem.

https://threatpost.com/eavesdropper-vulnerability-exposes-mobile-call-text-data/128838/
The so-called Eavesdropper vulnerability, disclosed today by Appthority, has been around since 2011 and in apps downloaded likely more than 200 million times.

The researchers privately reported the bug in July; they found 685 enterprise apps (56 percent of them iOS apps) linked to 85 Twilio developer accounts. Many of the apps have been removed from the respective Apple and Google stores but as of August, 75 still remained on Google Play and 102 on the App Store.

They both have issues.
 

SomeoneElse

[H]ard|Gawd
Joined
Jan 16, 2007
Messages
1,941
Anyone know the list of apps they are referring to? I didn't catch them in the article. I skimmed it but didn't find anything .
 

travbrad

[H]ard|Gawd
Joined
Jan 11, 2005
Messages
1,253
Anyone know the list of apps they are referring to? I didn't catch them in the article. I skimmed it but didn't find anything .

Yeah I didn't see it either, which is kind of the most important and useful information to have in an article like this for consumers.
 
Top