A rash of COVID-19 Android mobile apps have emerged that are aimed at helping citizens in Iran, Italy and Colombia track symptoms and virus infections. However, they’re also putting people’s privacy and the security of their data at risk, researchers have found. Security researchers at the ZeroFOX Alpha Team have uncovered various privacy concerns and security vulnerabilities – including a backdoor in various apps. The apps are either created and endorsed by countries or invented as one-offs by threat actors to take advantage of the current pandemic, according to a blog post published Monday. Researchers analyzed dozens of COVID-19 apps – which continue to emerge with the spread of the coronavirus, paving the way for related security threats across the globe. In the analysis, they highlighted three that pose a particular threat to citizens, citing not only potential cybercriminal activity but also simple mistakes by app developers. In early March in Iran, one of the first places COVID-19 emerged as a serious health threat, the government released an official app, available on an Iranian app store known as CafeBazaar. The app was meant to track citizens, and it sparked privacy concerns because rather than provide vital health information, it appeared to have the sole purpose of harvesting user personal information, researchers wrote. If the app itself wasn’t worrisome enough, threat actors also created a copycat app, dubbed CoronaApp, available online for direct download by…
0 0 govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2020-04-07 09:55:002020-04-07 09:55:00Official Government COVID-19 Mobile Apps Hide a Raft of Threats
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email firstname.lastname@example.org