"Mobile Stock Trading Apps Riddled with Security Holes"

Senior security consultant at IOActive, Alejandro Hernandez, has discovered a number of vulnerabilities during the examination of 21 popular mobile stock trading applications. The exploitation of these vulnerabilities can allow hackers to perform malicious activities such as selling a user's stock, gathering personal financial information on a user through snooping, and pilfering money. Vulnerabilities discovered to be contained by mobile trading apps include the exposure of user passwords in cleartext, unencrypted storing of sensitive data, the use of unencrypted HTTP channels, and more. This article further discusses the vulnerabilities discovered during this investigation, what hackers could do when these flaws are exploited, and ways in which the security posture of trading platforms could be improved.

The Register reports "Mobile Stock Trading Apps Riddled with Security Holes"