this post was submitted on 30 Mar 2025
14 points (100.0% liked)

Privacy

3426 readers
160 users here now

Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!

  1. Be civil and no prejudice
  2. Don't promote big-tech software
  3. No apathy and defeatism for privacy (i.e. "They already have my data, why bother?")
  4. No reposting of news that was already posted
  5. No crypto, blockchain, NFTs
  6. No Xitter links (if absolutely necessary, use xcancel)

Related communities:

Some of these are only vaguely related, but great communities.

founded 9 months ago
MODERATORS
fxomt@lemmy.dbzer0.com
otter@lemmy.ca
shaytan@lemmy.dbzer0.com
fxomt@piefed.social
14
Technical Analysis - Improper Use of Private iOS APIs in some Vietnamese Banking Apps (blog.verichains.io)
submitted 4 months ago by fxomt@lemmy.dbzer0.com to c/privacy@lemmy.dbzer0.com
0 comments fedilink hide all child comments
 

Yesterday, reports emerged in the Vietnamese infosec community that two popular banking apps – BIDV SmartBanking and Agribank – were using hidden / private iOS API to detect other apps installed on users’ iPhones.

This behavior was initially highlighted by @opa334, developer of TrollStore, on infosec.exchange two days ago and later in a Facebook post on Vietnamse J2TEAM forum. The controversy quickly gained traction because such behavior suggests a violation of Apple’s policies and an invasion of user privacy.

Therefore, we conducted a thorough technical analysis of the mentioned bank apps BIDV SmartBanking (v5.2.62, updated on Mar 14, 2025) and Agribank Plus (v5.1.8, updated on Mar 25, 2025), detailed in this write-up, which also examines implications for users and the banking apps.

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here