Popular Android browser an app with over five million downloads on the Google Play store may have leaked user data, including browser history, experts say.
cybernews (opens in a new tab) says he discovered that the “Web Explorer – Fast Internet” app left an open instance of Firebase – a mobile app development platform designed to help with analytics, hosting and cloud storage.
Five days of redirect data are at risk, including country, direct originating address, redirect destination address, and user country, all presented by user ID.
Android Web Explorer data leak
cybernews Senior Journalist Vilius Petkauskas explains that just getting this data may not be enough to give cybercriminals what they are looking for, but comparing it with additional details can prove damaging.
The application was also found to be client-side hard-coded, including keys related to users’ anonymous partial browsing history, unique public identifiers, and server-to-server communication mechanism.
“If cybercriminals could de-anonymise application users, they would be able to check a lot of information about the browsing history for a specific user and use it for phishing schemes” CyberMessaging recorded.
It has since been discovered that an open instance of Firebase has been shut down and is no longer accessible, meaning cybercriminals no longer have access to sensitive data. However, that’s not all good news: cybernews contacted the app team about his findings but has yet to receive a response.
Further digging also reveals that the app was last updated in October 2020, meaning the hard-coded “secrets” are likely still there. The researchers write: “… we can only guess what other information may be leaking through the app’s secrets.”