The personal data of millions of Android smartphone users is in danger. Its alert research firm Check Point has released its report. Check Point Security Research has stated in its report that Grindr, Bumble, OkCupid, Cisco Teams, Yango Pro, Edge, Edge (Xrecorder), Power Director ( Many other popular apps, including PowerDirector), remain vulnerable to the drawbacks of the Play Core Library.
New developer core library to install app developers
Security researchers at Check Point have said that Google (Google) had rectified the flaw in April this year, but to completely avoid this threat, app developers themselves have to install a new Play Core library. The apps that Check Point has mentioned are currently on the old Play Core Library version. Viber and Bookings were also on the old version, but after providing information from Check Point they updated their Play Core Library.
Data on cyber criminal targets
Security researchers at Check Point have stated that CVE-2020-8913 on these apps (many popular apps including Grindr, Bumble, OKCupid, Cisco Teams, Yango Pro, Edge) remain vulnerable to this flaw. Taking advantage of this flaw, Cyber Criminals add dangerous code to these apps and then execute this code to access all the resources of the hosting app. According to the check point, cybercriminals then steal sensitive data from other apps on that device.
The risk of theft of private information
Check point report said that due to this flaw there is a risk of theft of private information like login details, passwords, financial details of users. Google has given this bug a rating of 8.8 out of 10 in Severity. It has been more than 6 months since Google released the patch to address this flaw. However, the app developers have still not installed the Play Core Library update.