Cloud-based app security company, Veracode, confirms gambling apps installed by employees on their mobile device could potentially risk their company’s security system.
They have scanned thousands of apps on mobile devices used for work—over ten of them gambling apps—and found they have adware and “critical vulnerabilities.”
These vulnerabilities include weak encryption which could enable cyber attackers to gain access to so many things on your phone: phone location, call history, emails and contacts.
They can also record your phone conversations.
A popular casino app was discovered to have the ability to know if a phone has been jail broken or rooted. It can disable anti-malware software and what’s scarier—take a peek at cached information such as passwords and user identity information.
Other slots apps have unencrypted HTTP protocol (Know more about encryption here: https://en.wikipedia.org/wiki/HTTPS) and can install malicious software to your phone.
The gambling apps scanned and tested were all from free to play social casino apps. Currently, no research project that could determine the security of real-money casinos has ever been done yet.
Vice President of mobile security at Veracode, Theodora Titonis, said, “Like it or not, corporate users are installing risky apps on their mobile devices, thereby increasing the attack surface and putting corporate data at risk as well as compromising the security of high-profile employees such as executives.”
No specific casino app was pointed to have these weaknesses, but big names like Zynga Poker, Big Fish Casino, Hit it Rich Casino Slots, Slot Machines House of Fun, among others were all scanned and analyzed.
Veracode urged companies to take extra measures in protecting their apps from attackers looking to “steal intellectual property, track high-profile individuals, and insert aggressive adware for monetary gain.”
They have scanned thousands of apps on mobile devices used for work—over ten of them gambling apps—and found they have adware and “critical vulnerabilities.”
These vulnerabilities include weak encryption which could enable cyber attackers to gain access to so many things on your phone: phone location, call history, emails and contacts.
They can also record your phone conversations.
A popular casino app was discovered to have the ability to know if a phone has been jail broken or rooted. It can disable anti-malware software and what’s scarier—take a peek at cached information such as passwords and user identity information.
Other slots apps have unencrypted HTTP protocol (Know more about encryption here: https://en.wikipedia.org/wiki/HTTPS) and can install malicious software to your phone.
The gambling apps scanned and tested were all from free to play social casino apps. Currently, no research project that could determine the security of real-money casinos has ever been done yet.
Vice President of mobile security at Veracode, Theodora Titonis, said, “Like it or not, corporate users are installing risky apps on their mobile devices, thereby increasing the attack surface and putting corporate data at risk as well as compromising the security of high-profile employees such as executives.”
No specific casino app was pointed to have these weaknesses, but big names like Zynga Poker, Big Fish Casino, Hit it Rich Casino Slots, Slot Machines House of Fun, among others were all scanned and analyzed.
Veracode urged companies to take extra measures in protecting their apps from attackers looking to “steal intellectual property, track high-profile individuals, and insert aggressive adware for monetary gain.”