According to Codenomicon, the firm that first discovered the “Heartbleed” vulnerability in OpenSSL, about half of the apps on Android’s 50 most popular list have security vulnerabilities. The researchers say the problem occurs when mobile development firms re-use buggy code from third-party libraries. “We have to take care to test well enough the libraries we use so we can be confident they are safe enough to be used,” said Codenomicon chief security specialist Olli Jarva.
The company will provide more details about its findings during the Black Hat USA conference that will take place in Las Vegas on Aug. 6-7.