A cybersecurity company called Palo Alto has reported that two apps from Baidu were collecting users’ phone data and leaking it. Baidu Search Box and Baidu Maps, as identified, were collecting the MAC addresses, carrier information, and IMSU numbers which can be used by hackers to exploit users further in various means.
Baidu Apps Leaking User Data
Baidu is one of the three tech giants of Chinese, comprised of the other two – Tencent and Alibaba. The company has been in many technology fields and been the perfect eastern clone of Google. It replicated Google’s search with Baidu Search Box and Google Maps with Baidu Maps.
These two apps are popular enough with hundreds of millions of downloads across the world. And in the US, there are more than six million people using these services. While these numbers show its popularity, Unit 42 of Palo Alto Networks, a cybersecurity company throws light on its data collection and leaking practices through its latest report.
It said that the Android push SDK of Baidu, which is empowering both the apps is collecting identifiable data like the user’s MAC addresses, carrier information, and international mobile subscriber identity (IMSU) numbers. The IMSU or IMEI numbers especially are the ones useful for tracking.
Hackers often try snooping over communications to get this number, which is then useful for other malicious purposes like “they could use it to report the phone as stolen and trigger the provider to disable the device and block its access to the network,” as reported by the researchers.
They have informed both Baidu and Google regarding these practices, where Google responded by delisting both the apps from its Playstore last month. Baidu has made modifications to stop this collection and patch the leaks, thus able to reinstate Baidu Search Box in Playstore, but the Baidu Maps is yet to be restored.
Other Trending News:- News