Uber's Android App May Be Collecting An Alarming Amount Of Your Personal Data
Uber’s data-sucking Android app is dangerously close to malware
Buster Hein (11:22 am PDT, Nov 26th)
Uber has been sideswiped by a ridiculous number of controversies lately, but things are about to get even worse for the ride-sharing service. A security researcher just reverse-engineered the code of Uber’s Android app and made a startling discovery: It’s “literally malware.”
Digging into the app’s code, GironSec discovered the Uber app “calls home” and sends private data back to Uber. This isn’t typical app data, though. Uber is sending back users’ entire SMSLog even though the app never requests permission. It also sends call history, Wi-Fi connections used, GPS locations and every type of device ID possible.
The app even checks your neighbor’s Wi-Fi and sends back info on the router’s capabilities, frequency and SSID. News of the app’s vulnerability was first posted on Hacker News with the charming intro, “TLDR: Uber’s Android app is literally malware.” One developer commenting on the revelation said there isn’t “any reason for Google not to immediately remove this app from the store permanently and ban whatever developer uploaded it. There should probably be legal action.”
Read more at Uber's data-sucking Android app is dangerously close to malware | Cult of Mac
Uber’s data-sucking Android app is dangerously close to malware
Buster Hein (11:22 am PDT, Nov 26th)
Uber has been sideswiped by a ridiculous number of controversies lately, but things are about to get even worse for the ride-sharing service. A security researcher just reverse-engineered the code of Uber’s Android app and made a startling discovery: It’s “literally malware.”
Digging into the app’s code, GironSec discovered the Uber app “calls home” and sends private data back to Uber. This isn’t typical app data, though. Uber is sending back users’ entire SMSLog even though the app never requests permission. It also sends call history, Wi-Fi connections used, GPS locations and every type of device ID possible.
The app even checks your neighbor’s Wi-Fi and sends back info on the router’s capabilities, frequency and SSID. News of the app’s vulnerability was first posted on Hacker News with the charming intro, “TLDR: Uber’s Android app is literally malware.” One developer commenting on the revelation said there isn’t “any reason for Google not to immediately remove this app from the store permanently and ban whatever developer uploaded it. There should probably be legal action.”
Read more at Uber's data-sucking Android app is dangerously close to malware | Cult of Mac
Facebook
Twitter
Instagram