Researchers at antivirus company Avast have found more than 19 300 dangerous Android apps. According to experts, such software could reveal confidential user data due to misconfiguration of the Firebase database.

Because the Firebase database allows to store information of applications for games, workouts, mail, food delivery, very important information is at risk. If the threat actors take advantage of the misconfiguration, they could obtain such information as usernames, birthdates, phone numbers, location information, tokens, keys, etc.

Developers use the Firebase platform to develop Android apps, but they don't always pay attention to security issues. For example, according to an Avast study, over 10% of analyzed Firebase instances were completely open and available to third-party developers. In total, the researchers examined 180 300 samples.

“We want to urge all developers to check their databases,” Avast said.

Source: anti-malware.ru