Tuesday, August 5, 2014

APACHE CORDOVA VULNERABILITY DISCOVERED: 10% OF ANDROID BANKING APPS POTENTIALLY VULNERABLE


IBM X-Force Finds Apache Cordova Vulnerability That Might Expose Nearly 5.8% of Android Apps

The IBM Security X-Force Research team has uncovered a serious vulnerability that affects many Android applications built on the Apache Cordova (previously PhoneGap) platform. According to AppBrain, this affects 5.8 percent of Android apps. While 5.8 percent might sound like a low percentage, some widely-used Android applications are built on Cordova. In fact, researchers found that out of the 248 applications tested containing the keyword “bank,” 25 apps were built using Cordova — roughly 10 percent. This means an attacker could steal users’ banking credentials and perform transactions, such as withdrawing or transferring funds from their bank account to another account.

No comments:

Post a Comment

Comments are Welcome.