15
Fri, Dec
32 New Articles

90% of Crypto Mobile Apps found to be vulnerable, claims Security Report

90% of Crypto Mobile Apps found to be vulnerable, claims Security Report

Breaking News
Typography

As per a new report, mobile wallets catering to the cryptocurrency market may not be safe enough.

In brief:
As per a new report, mobile wallets catering to the cryptocurrency market may not be safe enough.

According to a new report, mobile wallets catering to the cryptocurrency market may not be secure enough. San Francisco security company, High-Tech Bridge has claimed in their recent research that analyzed over 2,000 apps on Google Play, that majority of mobile cryptocurrency wallet apps have poor security.


As per the report, of the first 30 crypto apps with up to 100,000 total installations, 93% contain at least three "medium-risk" vulnerabilities and 90% contain at least two "high-risk" issues. Further, out of the most-downloaded apps, the numbers improved a little, but not by much. 94% of apps with over 500,000 installations have at least three “medium-risk” vulnerabilities and 77% have at least two high-risk vulnerabilities.


The report reveals that the most common vulnerabilities include, "insecure data storage," which means private information can leak unintentionally. Next issue is, "insufficient cryptography," meaning that some form of cryptography was implemented to protect data, but was used incorrectly. Simply, in a nutshell, this means users might be at risk.


The report indicates that the problem lies deep in the Android app development community where security is never a priority.


Ilia Kolochenko, CEO and founder of High-Tech Bridge, said, "Depending on the application functionality, design and vulnerabilities, a wide spectrum of nuisances is possible, up to sensitive data and even the wallet (private key) theft."


Adding on, he said, "Unfortunately, I am not surprised with the outcomes of the research."


According to Kolochenko, the blame for poor scores is attributed to a lack of emphasis on security across mobile development. He says, "For many years, cybersecurity companies and independent experts were notifying mobile app developers about the risks of 'agile' development that usually imply no framework to assure secure design, secure coding, and hardening techniques or application security testing."


The analysis was carried out by scanning the most popular cryptocurrency management apps using Mobile X-Ray, a free web-based mobile app scanner that was launched this month. The company's free security analysis tool, Mobile X-Ray can be used by users and developers to plug in mobile apps and see the vulnerabilities.


Although, when it comes to securing funds, there’s a lot that can go wrong. The tech firm admits that its report is not as far-reaching. There could be other serious vulnerabilities since Mobile X-Ray only looks at the front end  and not in the backend. The report says, "This is just the tip of the iceberg."


Notably, with the prices of Bitcoin and various other cryptocurrencies reaching an all-time high, the defects in these apps expose users to theft and other financial fraud.

 

Disclaimer:  This is not an investment advice. It is of paramount importance that everyone should do his or her own due diligence before investing in any product, platform, tokens etc. Cryptocentral.io does not endorse any content or product published on this page. Our aim is to simply provide all the readers with the latest information in the field of cryptocurrency / blockchain industry that might be of interest to our readers.

Sign up via our free email subscription service to receive notifications when new information is available.