Pradeo Lab researchers detected a data leak from the SEGA game ‘Sonic’. This issue affects: Sonic Dash, Sonic the Hedgehog ™ Classic, Sonic Dash 2: Sonic Boom. These apps collect geolocation and user device data. The data is mainly provided for marketing purposes. However, it is worrying that the aforementioned applications have numerous security vulnerabilities, including those allowing a Man-In-The-Middle attack.
At the same time, Pradeo Lab pointed out that users should be more thorough in reading the list of resources the app wants to access. For example – if the application is a game and asks for access to contacts or SMS messages, this should seem suspicious.
Source: http://blog.pradeo.com/sega-apps-data-leakage
—
Do you need cybersecurity solutions for your company – contact us.
