Are you using a mobile app to trade digital currencies?

If yes, you could be in trouble, according to new research from a security firm on more than 2,000 apps on Google Play. The research gathered the first 30 crypto apps with up to 100,000 installations and came to a conclusion that even 93% of them contain at least 3 medium-risk vulnerabilities and 90% of them contain at least two high-risk vulnerabilities.

The situation is quite better – but still concerning – when it comes to the most-downloaded apps, where 94% of apps with over 500,000 installs contain at least 3 medium-risk and 77% contain at least two high-risk vulnerabilities.

What Are The Vulnerabilities That Make A Crypto App Weak?

If you are wondering what is the thing that can make an app vulnerable, it is basically the ‘insecure data storage’ which means the information can leak unintentionally by users. On top of this, there is ‘insufficient cryptography’ which means that cryptography is used to shield data, but not in the right way.

As the CEO of the company that conducted this research, Ilia Kolochenko said:

“Depending on the application functionality, design and vulnerabilities, a wide spectrum of nuisances is possible, up to sensitive data and even the wallet (private key) theft. Unfortunately, I am not surprised with the outcomes of the research.””

The Risks Of Agile Development For Crypto Apps Must Be Minimized

Crypto apps were designed with a few things in mind several years ago. However, with a blooming market and a lot of frauds nowadays, it is about time that developers cross ‘agile’ methods off their list and focus on development that is secure and one that includes proper security testing.

In the end, it is safe to say that all of the crypto hacker attacks come from apps and web interfaces (wallets) which means that new form of security must be implemented to make them disappear over time.