BeVigil Exposes Mobile App Danger: Over 4 Million Users Globally at Risk from Hardcoded Shopify Tokens

10 Feb 23

This is some text inside of a div block.

min

Thank You!

Your whitepaper is now downloading...

Oops! Something went wrong while submitting the form.

CloudSEK’s BeVigil, the world’s first security search engine for mobile apps, uncovered a critical security flaw in the mobile app industry. From the millions of Android apps indexed on BeVigil, 21 apps were identified to have 22 hardcoded Shopify API keys/tokens, exposing personally identifiable information (PII) to potential threats. These apps put close to 4 million users worldwide at risk, with shopping being the most affected category.

Author: Bablu Kumar

Co-authors: Vishal Singh, Arshit Jain and Mayank Pandey

‍

Bablu Kumar

Bablu is a technology writer and an analyst with a strong focus on all things cybersecurity

Vishal Singh

As a Vulnerability Research Engineer at CloudSEK, Vishal conducts penetration tests on client-side assets and reports discovered vulnerabilities.

Arshit Jain

Collecting data for world's first security search engine bevigil.com | Web Scraping | Data Mining |

Mayank Pandey

Security Researcher

Thank You!

Your whitepaper is now downloading...

Oops! Something went wrong while submitting the form.

BeVigil Exposes Mobile App Danger: Over 4 Million Users Globally at Risk from Hardcoded Shopify Tokens

Fill Details to Download

Thank You!

Fill Details to Download

Thank You!

BeVigil Exposes Mobile App Danger: Over 4 Million Users Globally at Risk from Hardcoded Shopify Tokens

Fill Details to Download

Thank You!

Fill Details to Download

Thank You!

Subscribe to our newsletter