In Rostelecom-Solar explored vulnerabilities in 14popular children's mobile games. Many mobile applications have quite popular paid options. Users are willing to pay, for example, for various game benefits.
In-game purchases are in many freebies.games, just considered by the researchers. If the security in them is not ensured at the proper level, the personal information of the players becomes the prey to the scammers.
Security has been analyzed in the following software.under Android and iOS: “Three Kota Picnic”, “The Mysterious Things of Scooby-Doo”, “Smeshariki. Krosh ”,“ Mi-mi-bears ”,“ Masha and the Bear: Games for Children ”,“ Luntik: Kids Games ”, Minion Rush:“ Despicable Me ”, LEGO® NINJAGO®: Ride Ninja, Dragons: Rise of Berk, Disney Crossy Road, Cut the Rope, Asterix and Friends, Angry Birds 2, 3D Maze.
Analysis has shown that more than 80 percentVulnerable Android games in the source code stitched encryption key. This allows fraudsters to easily get to the data in it. It turned out that Warner Bros “Scooby-Doo Mysteries”, Masha and the Bear: Games for Children by Hippo Games for Kids and “Three Kota Picnic” by DevGame OU are most protected. With a maximum level of security of 5 points, their figures were 4.1 and 4.6, 4.6, respectively. The most vulnerable game is Disney Crossy Road from Disney, which received 0.9 out of 5 points.
Versions of iOS apps turned out to be lessare protected. Only LEGO® NINJAGO®: Ride Ninja from LEGO System A / S received 2.6 out of 5 points. The least defended, “Masha and the Bear: Games for Children” from Indigo Kids and “Three Kota Picnic” from DevGame OU, deserved 0.0 points.
Hashing algorithm provided for in alliOS games are weak and can lead to compromise of user data. They are also subject to vulnerabilities that allow attacking an application or executing malicious code on a smartphone.