 "Facebook, Instagram on Google Play Store still vulnerable: Check Point")
Check Point Research on Thursday said it found the latest versions of some of the most famous apps in the world on Google's Play Store, including Facebook and Instagram, to have vulnerabilities that were believed to have been patched earlier.
The research shows that threat actors can still execute code on the latest versions of mobile applications on Play Store, despite the updates those mobile apps have pushed to people.
In short, threat actors can gain administrative control over the mobile applications studied by Check Point Research.
Theoretically, hackers can steal and alter posts on Facebook, extract location data from Instagram and read SMS messages in WeChat, said the research.
In a month-long study, Check Point Research cross-examined the latest versions of these high-profile mobile for three known remote control execution (RCE) vulnerabilities dating from 2014, 2015 and 2016.
Each vulnerability was assigned two signatures. Then, Check Point Research ran its static engine to examine hundreds of mobile applications in Google's Play Store to see if old, vulnerable code was present in the latest version of the application.
Check Point Research found vulnerable code, which was claimed to patched, present in the latest versions of popular mobile application.
For now, Check Point urges people to install an antivirus-app that monitors vulnerable apps on the phone.
"Mobile app stores and security researchers do proactively scan apps for malware patterns, but devote less attention to long-known critical vulnerabilities. Unfortunately, this means there's not much the end user can do to keep his mobile device fully secure," said the research.
Check Point Research said it informed the applications as well as Google about the vulnerabilities.
The revelations come amid a snooping controversy that hit WhatsApp after Israeli spyware Pegasus exploited vulnerability in the messaging platform, affecting 1,400 select users globally, including over 100 in India.
You’ve reached your limit of {{free_limit}} free articles this month.
Subscribe now for unlimited access.
Already subscribed? Log in
Subscribe to read the full story →
Smart Quarterly
₹900
3 Months
₹300/Month
Smart Essential
₹2,700
1 Year
₹225/Month
Super Saver
₹3,900
2 Years
₹162/Month
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Exclusive premium stories online
Over 30 premium stories daily, handpicked by our editors
Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share
Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor
Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements
Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app