Oversecured Apps Care

At Oversecured, our core mission is to make the Internet safer for everyone.

Today, mobile apps are crucial in our daily lives and business operations. However, they are not always 100% safe for users. That’s why we’ve decided to launch our latest initiative—the “Oversecured Apps Care” program - a bi-annual deep dive into the security of widely used Android apps.

Our objective is to identify any potential vulnerabilities in these applications to enhance the overall safety of the Android ecosystem, not just to fix security gaps but to reinforce the digital infrastructure that supports lives.

Technologies we used

At the heart of our initiative is the Oversecured vulnerability scanner, a service designed to detect and diagnose potential security flaws, which employs a blend of static (SAST) and dynamic (DAST) analysis methods, enabling a thorough examination of both the code’s structure and its behaviour during execution.

Our scanner is constantly evolving and powered by the latest cybersecurity research and technology to stay one step ahead of potential threats. So, if you’re looking to secure your mobile app, get started with a free 2-week trial of QuickStart. Book a call with our team or contact us to learn more. All your reports are kept private.

The first wave of reports: A Closer Look at Google Apps

Our journey began with scanning over 6,000 applications from more than 1,000 companies, all of whose APK files are readily accessible to the public.

Today, we’re ready to unveil our first series of reports, offering a comprehensive vulnerability analysis of 224 Google apps. These findings underscore the critical need for ongoing vigilance and proactive cybersecurity measures to safeguard our digital ecosystem.

An opportunity for security researchers (!)

If you enjoy finding and reporting bugs, we have a great opportunity. Our reports can give you many chances to report vulnerabilities to Google for a reward. We believe in the power of community-driven security efforts, and your expertise could play a pivotal role in fortifying the defences of one of the world’s leading tech companies. You can report identified mobile security issues to Google via this link.

Google app scanning reports

Device fingerprint: google/sdk_gphone64_x86_64/emu64xa:VanillaIceCream/AP31.240119.018/11431403:user/release-keys

Your feedback is highly appreciated

If you’d like to learn more about our methods for exploiting vulnerabilities, you can check out our case studies on Google (here or here), PayPal, TikTok, Samsung, Amazon, and Evernote.

We welcome cybersecurity professionals and tech enthusiasts to review our findings. Your feedback is invaluable in refining our reports and shaping the future of cybersecurity practices. We are sure that together, we can significantly impact the protection of user data worldwide.

And, of course, don’t hesitate to refer to us as the source of your insights. We are looking forward to your contributions.

Sincerely,
The Oversecured Team