The research team of Cyber news recently took a closer look at the ten most popular kids tracking apps. These are essentially surveillance apps, designed for parents who fear for their children’s safety and want to use their mobile devices to make sure they’re safe. In total, these apps have received more than 85 million downloads and yet none have received the highest privacy rating and an app with more than 50 million installs is even considered a “critical risk”.
One of the problems with these apps is that: include third-party trackers, meaning both children and parents collect their data, the researchers explained, which can then be used for a wide variety of purposes, but especially for targeted advertising. One of the apps, which also made the top 50 free apps in the social category in the US, was discovered by sharing data from the Broadcast receiversan Android component that allows apps to respond to messages sent by the operating system.
This means that other apps on the device can access the tracker, including malicious apps, giving potential attackers insight into the movements of children and even parents, and these apps have implemented insecure Secure Sockets (SSL) certificate management. making them vulnerable to man-in-the-middle attacks. In other words, attackers can “intercept” data being exchanged between two apps.
The problem, according to some experts, is that many app developers don’t bother building robust code themselves, but make the most of open source libraries, often unaware of the risks involved.
Cybernews Karim Hijazi, CEO of cyber intelligence company Prevailion responded with these words:
It’s like making cheap sausages and not knowing what ingredients are in them. The problem for the end user is that you don’t really know everything in the app or how many different parts receive this information
Source: Lega Nerd
