{"id":4285,"date":"2019-11-29T11:29:12","date_gmt":"2019-11-29T11:29:12","guid":{"rendered":"https:\/\/www.positivenewstrends.com\/?p=4285"},"modified":"2019-12-03T09:09:16","modified_gmt":"2019-12-03T09:09:16","slug":"harmful-android-sdks-accessed-your-personal-data-on-facebook-twitter","status":"publish","type":"post","link":"https:\/\/www.positivenewstrends.com\/news\/harmful-android-sdks-accessed-your-personal-data-on-facebook-twitter\/","title":{"rendered":"Harmful Android SDKs accessed your Personal Data on Facebook & Twitter"},"content":{"rendered":"

Facebook and Twitter <\/strong>have been rocked by Malicious Android Software Development Kits(SDKs)<\/strong> after the Cambridge Analytica <\/strong>Scandal. These SDKs integrated with thousands of Android apps through the connected social media accounts(Facebook&Twitter) and illegally accessed the user\u2019s personal data.<\/p>\n

\"Malicious<\/p>\n

Twitter found out that an SDK developed by OneAudience<\/strong> contains a privacy<\/strong>-breaching code. This enabled the malicious android SDK to transfer some personal data of its user\u2019s to the OneAudience servers. Similarly, Facebook is investigating an SDK from Mobiburn<\/strong>. This Android SDK<\/strong> is alleged to have shared <\/strong>the user data to data collection firms through certain Facebook-connected apps.<\/p>\n

Generally, third-party SDKs used for advertising are not intended to access personal information, password, or secret access tokens created during \u201cLogin with Facebook\u201d or \u201cLogin with Twitter\u201d method. However, Malicious SDKs from\u00a0 OneAudience and Mobiburn allegedly have the ability to unauthorizedly scrape user data<\/strong>. This data is utilized with advertisers for targeted ad marketing.<\/p>\n

How is Facebook and Twitter dealing with the Malicious Android SDKs?<\/strong><\/h3>\n

Twitter asserts that, \u2018This vulnerability <\/strong>is not in their software, but it is a lack of isolation between SDKs\u00a0 with\u00a0 an application.\u2019 Twitter has notified Google and Apple about the malicious SDKs.\u00a0 It also advises users to avoid third-party app <\/strong>stores for downloading apps.<\/p>\n

Facebook, on the other hand, has removed the infected apps from its platform for blatantly violating its regulations.<\/strong>Facebook states that, \u2018Security analysts discovered two harmful apps from OneAudience<\/strong> and Mobiburn<\/strong>. They paid the developers to integrate malicious SDKs\u00a0 in a plethora of apps available in popular apps stores.\u2019<\/p>\n

OneAudience’s Response:<\/strong><\/h3>\n

OneAudience<\/strong> responded to these allegations by shutting down its SDK. It also gave a statement saying, \u2018this data was never included in their database, never meant to be collected and used.\u2019<\/p>\n

Both social media platforms will be informing the affected users soon. Leading information security <\/strong>experts advise users to follow these helpful tips and secure their data:<\/p>\n

    \n
  1. Safeguard your computing devices with good Computer security <\/strong>or Mobile security<\/strong><\/li>\n
  2. Use official app stores from Authorised developers – Google\/Apple\/Microsoft etc to download apps.<\/li>\n
  3. Avoid connecting your social media accounts like Facebook & Twitter to third-party malicious apps.<\/li>\n<\/ol>\n