Jumat, 28 September 2012

Texas Poker iPhone App Exposes Users Authentication Credentials


An iOS application called Texas Poker (Texas Hold’em) has been found to broadcast players’ usernames and passwords in plain text or by using the weak MD5 encryption algorithm.

iOS is said to be the most secure mobile operating system around. However, this only applies for the operating system itself and not for the third-party applications that run on it.

Bitdefender has once again put its Clueful system to the test in order to see what iPhone apps expose their users’ privacy and sensitive details.

The analysis has revealed that Texas Poker (Texas Hold’em) players could become the targets of cybercriminals at any time, because the game’s developers have failed to ensure that at least basic security measures are implemented.

If the customer plays the game by using an unsecure Wi-Fi Internet connection, an attacker could easily intercept his username and password.

Many recent studies showed that most internauts tend to use the same username / password combination to protect more than one account. This means that if an attacker gains access to the credentials of a Texas Poker player, he can use the information to access other accounts.

However, in this case, the risks are even greater than that. Users can purchase in-game chips with real money, which makes the app even more tempting for cybercrooks.

An attacker could access the account and gamble away the victim’s chips. He may play against his own account and make sure that all the money would be transferred to him.

We advise iPhone owners to check out Bitdefender’s Clueful app since it can reveal a lot about an application. You’ll be able to see if an iOS application doesn’t secure your credentials, if it drains your battery, floods you with ads, or tracks your location.

Via: Texas Poker iPhone App Exposes Users Authentication Credentials

Tidak ada komentar:

Posting Komentar