Google Play Store app leaks conversations, data via unprotected database

The Google Play Store provides access to countless apps for various purposes. However, with the convenience of having so many options comes the potential danger of some apps being identified as malicious as they contain harmful code, violating users' privacy, stealing their data, and other risks. Even though Google's Play Protect system monitors apps diligently, some of them may still be malicious and go undetected, which can leave users vulnerable.

Research conducted by Cybernews has revealed an app on the Google Play Store through which hackers could steal user's data. The app in discussion is OyeTalk. With over 5 million downloads on the Google Play Store, OyeTalk is a popular voice-chat app which lets users host podcasts, interact with each other in discussion rooms and more. According to the report, the app had left its database unprotected, leaving users' private conversations and data exposed.

Cybernews reported that researchers discovered OyeTalk leaking data through open and unprotected access to Google's mobile application development platform called Firebase. More than 500MB of data such as user conversations, usernames, and IMEI numbers were exposed due to an open Firebase instance which did not have encryption. The report further states that the app developers were informed of the data leak but failed to close public access to the database.

If harmful apps are downloaded onto your smartphone, they can not only steal your data but also make your phone vulnerable to cyber-attacks, and even render it unusable, turning it into an expensive and useless paperweight. Therefore, if you have the app installed on your Android phone, you should be careful about your data.

While downloading apps from the Google Play Store, there are signs users can watch out for before pressing the download button.

Signs to watch out for to catch the online criminals:

1. See the app permissions

With the new Android updates, whenever you download any app, it asks you for various permissions depending on its purpose. You should always keep an eye out for any app asking for unusual permissions such as access to your personal information, contacts and more.

2. Check the reviews

Always check the app reviews before downloading it. People post app reviews based on their user experience.

3. See the number of downloads

Any app that is potentially harmful might have only a handful of downloads. So, only download apps which have already been downloaded a respectable number of times.

4. Read the app description

Google Play Store provides an app description along with information about the app creator. You can click on the developer's name to see a list of other apps they have developed. Therefore, only install apps from trustworthy sources.

Having said this, remember not to trust any website, message or caller regarding their claims. Always do your due diligence thoroughly to stay safe.