Privacy

1763 readers

474 users here now

Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!

Be civil and no prejudice
Don't promote big-tech software
No reposting of news that was already posted
No crypto, blockchain, NFTs
No Xitter links (if absolutely necessary, use xcancel)

Related communities:

Some of these are only vaguely related, but great communities.

founded 4 months ago

MODERATORS

[email protected]

Technical Analysis - Improper Use of Private iOS APIs in some Vietnamese Banking Apps (blog.verichains.io)

submitted 3 days ago by [email protected] to c/[email protected]

0 comments fedilink hide all child comments

Yesterday, reports emerged in the Vietnamese infosec community that two popular banking apps – BIDV SmartBanking and Agribank – were using hidden / private iOS API to detect other apps installed on users’ iPhones.

This behavior was initially highlighted by @opa334, developer of TrollStore, on infosec.exchange two days ago and later in a Facebook post on Vietnamse J2TEAM forum. The controversy quickly gained traction because such behavior suggests a violation of Apple’s policies and an invasion of user privacy.

Therefore, we conducted a thorough technical analysis of the mentioned bank apps BIDV SmartBanking (v5.2.62, updated on Mar 14, 2025) and Agribank Plus (v5.1.8, updated on Mar 25, 2025), detailed in this write-up, which also examines implications for users and the banking apps.

no comments (yet)

sorted by: hot top controversial new old

there doesn't seem to be anything here