With the help of Will Strafach’s verify.ly service, the detection of some 76 apps that are currently vulnerable to data interception has been uncovered.

Though there are only 76 among millions of apps who were listed down, these chosen few have a total of 18 million downloads. These means that there are 18 million users out there who are open to data inception.

It is known how this is possible since these apps are all fully compliant to terms and regulations of the App Store and App Transport Security. According to Strafach the iOS Transport Security feature cannot block these vulnerabilities present in the apps. Though its purpose was to better the privacy and security of users, it seems that this issue had passed through its purpose.

The vulnerable apps were categorized into three levels: low, medium, and high risk. The developers behind the apps were notified ahead of time to avoid conflict. There are said to be 33 low risk apps, 24 medium risk apps and 19 high risk apps. Some of them are not yet named but those who belonged to the low risk level were given.

Related: Android Smart Lock: A Feature of Both Convenience and Security

Low risk apps are those whose vulnerable data are only limited to the analytics data about the device, email address, and login credentials while those under medium risk level has the possibility of intercepting service login credential and/or session authentication tokens for logged in users. However, the high risk level apps are confirmed to intercept even the financial or medical service login credentials and/or authentication tokens of the users. Regardless of the risk, it is better to stay safe and protect one’s data from being stolen or used by attackers.

Here is a list of the Low Risk Apps

  1. ooVoo – Free Video Call, Text and Voice
  2. VivaVideo – Free Video Editor & Photo Movie Maker
  3. Snap Upload for Snapchat – Send Photos & Videos
  4. Uconnect Access
  5. Volify – Free Online Music Streamer & MP3 Player
  6. Uploader Free for Snapchat – Quick Upload Snap from Camera
  7. Epic! Unlimited Books for Kids
  8. Mico – Chat, Meet New People
  9. Safe Up for Snapchat – Quick Upload photos and videos from your camera roll
  10. Tencent Cloud
  11. Uploader for Snapchat – Quick Upload Pics & Videos to Snapchat
  12. Huawei HiLing (Mobile WiFi)
  13. VICE News
  14. Trading 212 Forex & Stocks
  15. 途牛旅游-订机票酒店火车票汽车票特价旅行
  16. CashApp — Cash Rewards App
  17. [Clone of legitimate service] (Removed from App Store as of 7 Feb 2017)
  18. 1000 Friends for Snapchat — Get More Friends & Followers for Snapchat
  19. YeeCall Messenger-Free Video Call&Conference Call
  20. InstaRepost — Repost Videos & Photos for Instagram Free Whiz App
  21. Loops Live
  22. Private Browser — Anonymous VPN Proxy Browser
  23. Cheetah Browser
  24. AMAN BANK
  25. FirstBank PR Mobile Banking
  26. vpn free — OvpnSpider for vpngate
  27. Gift Saga — Free Gift Card & Cash Rewards
  28. Vpn One Click Professional
  29. Music tube — free imusic playlists from Youtube
  30. AutoLotto: Powerball, MegaMillions Lottery Tickets
  31. Foscam IP Camera Viewer by OWLR for Foscam IP Cams
  32. Code Scanner by ScanLife: QR and Barcode Reader

The apps for the Medium and High Risk levels are to be updated 60-90 days since the issue was revealed. The names of the applications had to be kept confidential to due to the sensitivity of the issue, though it still being worked on. For now, security measures are being done in order to avoid vulnerable apps and data interception among users.

Source: Will Strafach

Leave a comment

Your email address will not be published. Required fields are marked *