Android App Vulnerabilities Research

Banks, Insurance, Stocks
           21 apps, > 40 Million installs
           3 fixed as of 5-22-15

M3: SSL Validation Failures Previously Reported by CERT
           36 general apps, >350 Million Installs
           16 medical apps
           Ars Technica Articie 4-27-15
           Blue Cross Blue Shield NC

Retailers

OWASP Mobile Top Ten Risks

Legal Precedents

M5: FTC Approves Final Order Settling Charges Against TRENDnet, Inc. (2-7-14)
M3, M6: Fandango, Credit Karma Settle FTC Charges that They Deceived Consumers By Failing to Securely Transmit Sensitive Personal Information (3-28-14)
M2, M5, M6, M7: FTC Charges D-Link Put Consumers' Privacy at Risk Due to the Inadequate Security of Its Computer Routers and Cameras (1-5-17)
M3, M5: ASUS Settles FTC Charges That Insecure Home Routers and "Cloud" Services Put Consumers' Privacy At Risk (2-23-16)


Posted 5-23-15 by Sam Bowne
Updated 6-2-15 with FTC link
Updated 6-13-15 with codemod.html file extension fixed
Updated 1-7-16 with FTC v. D-Link
Updated 1-15-19 with DEF CON 25 vulns
Tidied 1-16-19
Typo fixed 7-25-22