Latest Geopolitical Intelligence

6/trending/recent
nordvpn
Type Here to Get Search Results !

CYBER SECURITY: Trump 2020 Campaign App Vulnerable to Attack

CYBER SECURITY: Trump 2020 Campaign App Vulnerable to Attack
By Iain Fraser - Consultant Editor,  GEOPoliticalMatters.com
European News & Media Centre, Málaga City
Google Indexed at 08:49 on 160620

CYBERBREACH: Trump 2020 Campaign Exposed to Attack via App

The Security Research Team at Website Planet have identified a major security vulnerability in US President Donald Trump’s mobile campaign app. The team, led by leading cybersecurity analysts Noam Rotem and Ran Locar, discovered the keys to various parts of the app, including its Twitter API.

The re-election app exposed the information below in the Android APK file:

    Twitter Application keys
    Google apps key
    Google maps key
    Branch.io (mobile analytics) keys

The “Official Trump 2020” app was developed for President Trump’s re-election campaign, available for download on iOS and Android. The app’s code revealed keys and secrets, similar to usernames and passwords, that gave access to different parts of the app, such as its Twitter API.

While the exposed keys allowed access to many parts of the app, we concluded in our investigation that user accounts remained inaccessible through this vulnerability. We did not attempt to access any user accounts on the app, as we felt the initial vulnerability was sufficient to alert the Trump campaign.

The Team concluded that an attacker would still need two additional keys (not exposed) to access any user account, including, potentially, President Trump’s. However, a malicious actorr could still use the keys to impersonate the app, and much worse. For example, using the branch.io keys, hackers could potentially access app user and usage data. More on this story

About Website Planner
Website Planet is the premier authority for web designers, developers, digital marketers, and entrepreneurs with an online presence. Offering useful tools and resources for anyone, from the beginner to the seasoned professional, we pride ourselves on our integrity and honesty. Their team of ethical security research team discovers and discloses some of the most impactful data leaks, as a free community service we perform for the web at large. Contact Website Planet

ArgusGPI Gibraltar

ArgusGPI Gibraltar

ABOUT ARGUSGPI.COM We are a recognised leader in the delivery of Actionable Geopolitical & Cybersecurity Intelligence and Expert Risk-Analysis built around proprietary AI Technology to the Banking & Finance, Insurance, Aviation and Maritime industries as well as NGOs and Government Departments Worldwide. Learn More /... Visit our Website www.ArgusGPI.com

You may like these posts

Show more

Post a Comment

0 Comments
* Please Don't Spam Here. All the Comments are Reviewed by Admin.

Top Post Ad

Microsoft365 for Business

Below Post Ad

McAfee EU

Ads Bottom

nordvpn