Popular Android apps, like Facebook and Instagram are full of serious security holes, CheckPoint reveals. According to the researchers, these applications available on the Google Play Store contain vulnerabilities that are several years old and have never been corrected. The firm accuses the developers of negligence.
An obsolete code has been discovered in 19 popular and regularly updated Android apps on the Google Play Store, report Check Point’s cybersecurity experts. The developers of these applications have not deleted that code even years after the discovery of these vulnerabilities.
By exploiting these breaches, a hacker would theoretically be able to execute malicious commands without the knowledge of the users. “Three security vulnerabilities, discovered more than two years ago, make hundreds of applications potentially vulnerable to remote code execution,” said Slava Makkaveev, IT security expert at Check Point. “The user can not do much to protect his smartphone” regrets the expert.
The list of vulnerable Android applications
In its report, Check Point unveils a complete list of applications that contain security vulnerabilities. In the list, there are major social networks, such as Facebook, Instagram and instant messaging applications, including Messenger and WeChat.
- Facebook Messenger
- Mobile Legends: Bang Bang
- JOOX Music
- Motorcycle BETA
- Yahoo! Transit
- Yahoo! browser
- Yahoo! MAP
- Yahoo! Car navigation
- Video MP3 Converter
After Check Point alert, Google has opened an investigation had been opened. For its part, Facebook is trying to reassure its users. “Facebook users are not exposed to any of Check Point’s issues because of the way our systems use this code”, says Facebook. The Californian group claims that a patch has already been added to the Instagram application on Android.