Experts claim that a popular Android browser app, which has been downloaded more than 5 million times on the Google Play store, may have leaked user data, including browser history.
Cybernews said it discovered that the “Web Explorer – Fast Internet” app had left open a Firebase instance. Firebase is a mobile application development platform designed to help with analytics, hosting, and cloud storage.
At risk are five days’ worth of redirect data, including direct starting address, redirect destination address, and user’s country, all tied to the user ID.
Android Web Explorer Data Exfiltration
Cybernews senior journalist Vilius Petkauskas explains that this data alone may not be enough to give threat actors what they want, but cross-referencing it with additional details could turn out to be detrimental.
The app was also found to have hard-coded client-side keys related to anonymized partial user browsing histories, unique public identifiers, and cross-server communication enablers.
“If an attacker can de-anonymize an app’s users, they will be able to see large amounts of information about a given user’s browsing history, which they can use for extortion,” Cybernews said.
The open Firebase instance has since been closed and is no longer accessible. This means that attackers can no longer access the sensitive data. However, it’s not all good news. Cybernews said it reached out to the app’s team about its findings, but has yet to receive a response.
Further digging revealed that the app was last updated in October 2020. This means the hard-coded “secret” may still be there. The researcher wrote: