A web security firm has found out in an analysis that 90 percent of mobile apps used in cryptocurrency dealings are insecure and have vulnerabilities that could give hackers leeway.
High-Tech Bridge—a Switzerland-based web security company says 90 percent of cryptocurrency apps on Google Play, including very popular ones with more than 500,000 installations, have vulnerabilities. 94 percent of them have at least three medium-risk vulnerabilities according to the report. 77 percent of popular cryptocurrency applications have at least two high-risk vulnerabilities
Most of the problems found out have to do with improper usage of the platform, insufficient cryptography such as a predictable randomize or weak hashing algorithms like SHA-1, or insecure data storage.
CEO and Founder of High-Tech Bridge Ilia Kolochenko said,
“Unfortunately, I am not wondering with the outcomes of the research. For many years, cybersecurity companies and independent experts were notifying mobile app developers. Regarding the risks of “agile” development that usually imply no framework to assure secure design. Also secure coding and hardening techniques or application security testing”.
Also Read: Is Amazon accepting cryptocurrency payment
With cryptocurrencies now having a market capitalization of over $300 billion and the price of Bitcoin rising above $10,000. It is possible that many more people are on mobile, trading or exchanging cryptocurrencies with fiat.
With that comes the risk of using insecure apps at a time when increased crypto prices. However, dealings are attracting more hackers looking to exploit vulnerabilities and capitalize on errors by users.
Recently, it was reported that hackers of a malware known as CryptoShuffler, were able to siphon coins from several computers by sabotaging their clipboards — meaning without needing to infiltrate the crypto applications themselves. CrypoShuffler replaced addresses with its own whenever victims copied Bitcoin addresses to their clipboards.