Security News > 2020 > November > Baidu Apps in Google Play Leak Sensitive Data

Baidu Apps in Google Play Leak Sensitive Data
2020-11-24 17:36

Multiple Android mobile apps found in Google Play, including Baidu Search Box and Baidu Maps, were found by researchers to be leaking data that could be used to track users - even if they switch devices.

Researchers found the apps in question to expose a range of information, including: Phone model; screen resolution; phone MAC address; wireless carrier; network; Android ID; International Mobile Subscriber Identity; and International Mobile Equipment Identity.

Another offending application available in Google Play in the U.S. is the Homestyler - an interior-decorating app that researchers said has not been taken down.

Data leakage from Android applications and SDKs represents a serious violation of users' privacy, though developers often don't realize that their apps are at risk, researchers noted.

"Like IoT devices, apps are too often developed without security and privacy in mind. Free apps that feature ads are particularly vulnerable to attacks."


News URL

https://threatpost.com/baidu-apps-google-play-data/161556/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 141 994 4922 2872 1623 10411
Baidu 16 1 10 3 6 20