Data of 20 Million Aptoide App Users Released on the Darknet

About 20 million accounts of Aptoide app store users have been uploaded to a darknet forum. “Under The Breach”, a darknet monitoring platform, secured and analyzed the data.

After analyzing the data, the researchers found that it was stolen from the Aptoide user server. According to their findings, the data contains details of user registrations that took place from July 2016 to January 2018.

The hackers claim they are still holding an additional 19 million records that they are likely to publish at a later date. Since the hack was supposedly carried out earlier this month, it's probable that the remaining 19 million records contain details from 2018 till last month.

If this is so, the hackers could choose to sell the second batch, as it will contain more recent information about the users.

The first 20 million records released on the hacking forum contain several details about each user. These include the user's date of birth, device details, sign-up IP addresses, date of registration, hashed passwords, email addresses, and of course, names and usernames.

It also contains details about the referral origin of the user, their account type, developer and sign-up tokens, and user account status.

The uploaded data is confirmed to still be accessible on the darknet forum as a free download for anyone interested. Although the passwords are hashed, it is still possible to crack the hashes and recover the passwords.

When Aptoide was contacted for details about the leak, they said they were not aware of the hack. Currently, there are more than 150 million registered user accounts, with a total of 7 billion app downloads on Aptoide. The firm has about 1 million different apps for download.

As a result, the extremely busy unofficial Android marketplace is sometimes vulnerable to attacks. It is widely used and one of the most popular marketplaces for different types of Android downloads. With this popularity comes the risk of exposure and data theft, which puts a lot of users at high risk too.

The data was posted to the hacking forum as a PostgreSQL export file, and it is still available for download. With this latest development, Aptoide is likely to face a lot of criticism regarding its decentralized platform.

Although Aptoide is not as extensive as its far superior counterpart Google, it still boasts an impressive collection of apps available for download. The alternative app store competes with Google's AppStore.

The major difference between the Google Play Store and Aptoide is that the former is centralized and controlled, while the latter is completely decentralized. It lets users create customized repositories for specific apps. That is why it deals with threats more frequently.

In 2018, Google tried to delete the Aptoide app from Android devices by setting up a rule on Play Protect. However, that didn't go down well with Aptoide, which sued the tech giant in October of the same year for what it perceived as anti-trust practices. At the time of filing, Aptoide claimed that Google's actions caused the company a 2.2 million financial loss within 60 days.

Back then, a number of users either canceled their accounts or decided not to use the Aptoide platform again. Many experts are predicting a similar outcome from this recent data breach.

The hackers responsible for the security breach said they stole the data from Aptoide earlier last month. In total, 39 million records were taken, with 20 million already released to the public and the remaining 19 million scheduled to be released in the near future.