Security News > 2020 > June > Trump's 2020 Reelection App Exposed Secrets, Keys

Trump's 2020 Reelection App Exposed Secrets, Keys
2020-06-18 04:02

An analysis of the "Official Trump 2020" application revealed that keys to various parts of the app were being exposed to attacks, Website Planet reports.

While investigating the app, Website Planet's cybersecurity analysts Noam Rotem and Ran Locar discovered that the Android APK was exposing information such as Twitter application keys and secrets, Google apps and maps keys, and Branch.io keys.

The exposed keys, the analysts reveal, provided them with access to various parts of the application, but not to user accounts.

The branch.io keys, for example, could provide hackers with potential access to app user and usage data.

"Vulnerabilities of this kind can easily be prevented with the implementation of more robust security practices. The app should not have revealed such sensitive information. Simultaneously, any access keys should be secured, and secrets must never be exposed," Holder points out.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/VYuOG2V3yGM/trumps-2020-reelection-app-exposed-secrets-keys