Top
image credit: Adobe Stock

Vulnerabilities in Popular Keyboard and Mouse Android Apps Expose User Data

December 1, 2022

The three apps, Lazy Mouse, Telepad, and PC Keyboard, are available in Google Play in both free and paid versions and have more than two million downloads combined. The applications work by connecting to a server on a computer and sending keyboard and mouse events to it.

CyRC identified a series of missing authorization, weak authentication, and insecure communication issues in these applications and warns that an unauthenticated attacker could exploit these to achieve remote code execution or to capture keystrokes, which could expose sensitive information such as usernames and passwords.

Read More on Security Week