More than 2 thousand vulnerabilities have been found in popular mobile applications.
An analysis of the 100 most downloaded applications in the ads and online services segment revealed more than 2,000 vulnerabilities, of which over 500 are classified as critical and highly dangerous, AppSec.Sting told Izvestia.
"Gaps in internal data open up opportunities for hackers to launch massive phishing attacks, fake notifications, and offers to pay for non-existent services. As a result, instead of a house by the sea, the user risks being left without housing and without funds," the company noted.
Fraudsters often disguise themselves as support staff and, through social engineering, convince victims to change their password or undergo "verification." Due to the vulnerabilities of mobile applications, the user, without suspecting anything, may lose access to the account and even money, they said.
The editors found people online who had faced a similar problem. For example, a company that has been working in the field of music services for more than five years lost access to its business account in one of these applications. In the spring of 2025, its profile was suddenly renamed, all ads were deleted, and when the company tried to log in, its phone number and email were no longer accepted. Instead of the cover band's services, flower sales ads appeared on the page, its representative wrote on one of the forums.
According to him, the scammers took advantage of a vulnerability in the system: email addresses were not completely masked and could be easily guessed. Knowing the address, the attackers contact the support service and gain access to someone else's account. The company still managed to restore the account, but just an hour later it was blocked by the application again, and attempts to withdraw money from the account or delete it to create a new one were unsuccessful.