Posted on April 18, 2020 at 5:28 PM
Details of about 20 million Aptoide app store user accounts have been uploaded to a darknet forum. “Under The Breach”, a darknet monitoring platform, secured and analyzed the data.
After analyzing the data, the researchers found that it was stolen from the Aptoide user server. According to their findings, the data contains details of user registrations that took place from July 2016 to January 2018.
19 million user details still in hackers’ possession
The hackers claim they are still holding an additional 19 million records, which they are likely to publish at a later date. Since the hack was supposedly carried out earlier this month, it is probable that the 19 million records yet to be released contain details from 2018 until last month.
If this is so, the hackers could choose to sell the second batch, as it will contain more recent information and details of the users.
Released details contain important personal details
The first 20 million records released on the hacking forum contain several details about each user. These include the user’s date of birth, device details, sign-up IP addresses, date of registration, hashed passwords, email addresses, and of course, names and usernames.
It also contains details about the referral origin of the user, their account type, developer and sign-up tokens, and user account status.
The data uploaded to the darknet forum is confirmed to still be available as a free download to anyone interested. Although the passwords are hashed, it is possible to crack the hashes and recover the passwords.
Exposure leads to high risk for users too
When Aptoide was contacted for details about the leak, they said they were not aware of the hack. Currently, there are more than 150 million registered user accounts, with a total of 7 billion app downloads on Aptoide. The firm has about 1 million different apps for download.
As a result, the extremely busy unofficial Android marketplace is sometimes vulnerable to attacks. It is widely used and one of the most popular marketplaces for different types of Android downloads. With this popularity comes the risk of exposure and data theft, which puts a lot of users at high risk too.
The data was posted to the hacking forum as a PostgreSQL export file, and it is still available for download to this day. With this latest development, Aptoide is likely to face a lot of criticism regarding its decentralized platform.
Aptoide facing another major financial loss
Although Aptoide is not as extensive as its far superior counterpart Google, it still boasts an impressive collection of apps available for download. The alternative app store competes with Google’s app store.
The major difference between the Google Play Store and Aptoide is that, while the former is centralized and controlled, the latter is completely decentralized. It lets users create customized repositories for specific apps. That is why it deals with threats more frequently.
In 2018, Google tried to delete the Aptoide app from Android devices by setting up a rule on Play Protect. However, that didn’t go down well with Aptoide, which sued the tech giant in October the same year for what it perceived as anti-trust practices. At the time of filing, Aptoide claimed that Google’s actions caused the company a 2.2 million financial loss within 60 days.
Back then, a number of users either canceled their accounts or decided not to use the Aptoide platform again. Many experts are predicting a similar scenario from this recent data breach and security incident.
The hackers responsible for the security breach said they stole the data from Aptoide earlier last month. The stolen data totals 39 million records, with 20 million already released to the public and the remaining 19 million scheduled to be released in the near future.