Mobile games for children threaten safety

Rostelecom-Solar investigated vulnerabilities in 14 common children’s mobile games. Many mobile applications have quite popular paid options. Users willingly pay, for example, for various gaming advantages. In-game purchases are in many free games, just considered by researchers. If the security in them is not ensured at the proper level, the personal information of the players becomes the prey of scammers. Security was analyzed in the following Android and iOS software: “Three Cats Picnic”, “Mysterious Affairs of Scooby-Doo”, “Smeshariki. Krosh ”,“ Mi-bears ”,“ Masha and the Bear: Games for Children ”,“ Luntik: Children’s Games ”, Minion Rush:“ Despicable Me ”, LEGO® NINJAGO®: Ride Ninja, Dragons: Rise of Berk, Disney Crossy Road, Cut the Rope, Asterix and Friends, Angry Birds 2, 3D Labyrinth. Analysis showed that in more than 80 percent of vulnerable Android games, the encryption key is embedded in the source code. This allows fraudsters to easily get to the data contained in it. It turned out that Scooby-Doo Mysterious Cases are most protected from Warner Bros, Masha and the Bear: Games for Kids from Hippo Games for Kids and Three Cats Picnic from DevGame OU. With a maximum level of security of 5 points, their indicators were 4.1 and 4.6, 4.6, respectively. The most vulnerable game is Disney Crossy Road by Disney, which scored 0.9 out of 5 points; iOS application versions were less protected. Only the LEGO® NINJAGO®: Ride Ninja game from LEGO System A / S got 2.6 points out of 5 possible. The least protected, “Masha and the Bear: Games for Kids” from Indigo Kids and “Three Cats Picnic” from DevGame OU, earned 0.0 points. The hashing algorithm provided in all iOS games is weak and can lead to data compromise. users. They are also subject to vulnerabilities that allow attacking an application or executing malicious code on a smartphone.

Sam Richards

Add comment

Follow us

Don't be shy, get in touch. We love meeting interesting people and making new friends.