MOBILE SECURITY BLOG

While the World Cup is around the corner, football applications are becoming omnipresent. Among their features, you can check live scores, follow your team ranking, create an account linked to your social media etc. At first sight, nothing scary. But while investigating applications* connected to one of the most followed event in the world, Pradeo’s research team found out a worrying trend: most of them are highly intrusive and vulnerable. On top of the list, there is the Eurosport app which was downloaded more than 10 million times.

Mobile applications are the first media we use to access information from our smartphones and tablets. We easily trust them with sensitive data, but what do we know about their security levels? Organizations develop mobile applications at a fast pace to keep up with business needs and often leave aside security measures.

Pradeo just published its biannual mobile threat report, based on a sample of 2 millions Android and iOS Applications analyzed by Pradeo’s engine. It gives an insight of the mobile threats currently surrounding us.

Pradeo’s Lab discovered that some game applications in the Google Play published by SEGA, the famous video games developer and publisher, access and leak users’ geolocation and device data. Hundreds of millions of users are concerned by these data privacy violations.

Yesterday, Pradeo’s behavioural analysis engine raised an alert about an application available on the Google Play store called “Dune!”. The app is a game that has been downloaded over 5 million times in the last few weeks and is now part of the “Top Apps” list on the Google Play store.