Researchers at Check Point, one of the leaders in Cyber Security, have confirmed that popular applications on Google’s Play Store continue to be vulnerable to the known vulnerability CVE-2020-8913, which means that millions of Android users are still at significant security risk.
The flaw is rooted in Google’s widely used Play Core library, which lets developers push in-app updates and new feature modules to their Android apps. The vulnerability makes it possible to add executable modules to any apps using the library.
An attacker who has a malware app installed on the victim’s device could steal users’ private information, such as login details, passwords, financial details, and read their mail.
The apps discovered to be vulnerable are:
- Social – Viber
- Travel – Booking
- Business – Cisco Teams
- Maps and Navigation – Yango Pro (Taximeter), Moovit
- Dating – Grindr, OKCupid, Bumble
- Browsers – Edge
- Utilities – Xrecorder, PowerDirector
But, let’s be honest, what does the impact present itself as? The malicious files can inject code into banking applications to grab credentials, while it also have SMS permissions to steal the Two-Factor Authentication (2FA) codes. In addition, it can inject code into social media applications to spy on the victim and use location access to track the device while on IM apps it can grab all messages, and possibly send messages on the victim’s behalf.
You might also like
More from Featured
Nissan’s New Navara Stealth Roars Back Onto SA Roads – Pricing
After a six-year hiatus, the locally built Nissan Navara Stealth is back - and louder than ever. Nissan has officially reintroduced …
New Opel Grandland Arrives in SA – pricing
The all-new Opel Grandland has landed in South Africa, bringing futuristic design elements from the Opel Experimental concept car to …
Mercedes-AMG E 53 HYBRID Edition 1 Arrives in SA – Only 12 Units Available
Mercedes-Benz South Africa has launched the Mercedes-AMG E 53 HYBRID 4MATIC+ Edition 1, bringing just 12 units of this exclusive …