Zimperium: Research finds 14% of mobile apps store user data on unsecured servers

App developers often rely on third-party servers to simplify data storage, but the latest research shows that these servers often do not provide perfect security protection for sensitive data. Third-party services from Amazon, Google, and Microsoft provide a simple way to store user data and system files, so developers do not need to code the servers themselves. However, developers often do not provide proper security protection for these servers, leaving user data open, giving hackers an opportunity to take advantage.

According to the latest research released by market research firm Zimperium, this happens from time to time regardless of the vendor. After investigation and statistics, they found that 14% of iOS and Android applications that use cloud storage have insecure configurations and are very vulnerable to attacks.

The study noted that the type of data available on these servers depends on the application in question, but all stored data could be used by hackers. The unsecured data ranges from names and addresses to medical and financial data of each user.

Zimperium said that the vulnerabilities and data exposed could be used to obtain more sensitive data and operational processes. Some applications leaked entire cloud infrastructure scripts, including SSH keys and passwords for payment kiosks.

Zimperium came to the above results after investigating 84,000 Android apps and 47,000 iOS apps that use public cloud services. Among these apps that use services, 14% of them expose user data.

"This is a disturbing trend," said Shridhar Mittal, CEO of Zimperium. "For many of these apps, cloud storage is not properly configured by the developer or owner, and because of this, the data is visible to almost anyone. And most of us have some of these apps now." The problem is that developers are not protecting their servers, so any and all app categories are affected. The study found that the most affected categories include business, shopping, social, communication and tools.

From cnbeta