Security News > 2020 > November > Baidu Apps in Google Play Leak Sensitive Data
Multiple Android mobile apps found in Google Play, including Baidu Search Box and Baidu Maps, were found by researchers to be leaking data that could be used to track users - even if they switch devices.
Researchers found the apps in question to expose a range of information, including: Phone model; screen resolution; phone MAC address; wireless carrier; network; Android ID; International Mobile Subscriber Identity; and International Mobile Equipment Identity.
Another offending application available in Google Play in the U.S. is the Homestyler - an interior-decorating app that researchers said has not been taken down.
Data leakage from Android applications and SDKs represents a serious violation of users' privacy, though developers often don't realize that their apps are at risk, researchers noted.
"Like IoT devices, apps are too often developed without security and privacy in mind. Free apps that feature ads are particularly vulnerable to attacks."
News URL
https://threatpost.com/baidu-apps-google-play-data/161556/
Related news
- Google Play, Apple App Store apps caught stealing crypto wallets (source)
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)