Friday, July 23, 2021

Singapore investigating claims Muslim app developer sold user Information to US military

Must Read

Backdoor accounts found in More than 100,000 Zyxel firewalls, VPN gateways

Dutch cybersecurity researchers have discovered a backdoor account in 100,000 networking devices manufactured by Zyxel, which may grant hackers...

Nvidia releases security update for high-severity flaws affecting Windows, Linux devices

NVIDIA has released security updates to address six security vulnerabilities found in Windows and Linux GPU screen drivers, as...

Cybercriminals are Doing Microsoft Exchange Exploitation by installing Cryptojacking

Cybercriminals continue to exploit Microsoft Exchange unpatched servers. Cybersecurity investigators at Sophos report an unknown attack after trying to...

Singapore is investigating claims that a local-based mobile app, Muslim Pro, has offered”granular place data” into the US army. Clocking over 98.5 million downloads worldwide, the most favorite prayer monitoring program has denied the allegations, stating it stocks only anonymized information with its partners.

Clocking over 98.5 million downloads worldwide, the Muslim Pro app allegedly has marketed”granular place data” into the US army — an allegation it simplifies — and is presently being researched by Singapore’s Personal Data Protection Commission.

The regulator told local press: “We remind consumers to also be conscious of the kind of permissions and individual data they supply and how it could be utilized. If in doubt, users shouldn’t use or download some other program.”

It’s Muslim Pro app monitors prayer times and reveals the path to Mecca, among other attributes, and has been downloaded from consumers around 200 countries, based on its site.

Before this week, the program was reported to have sold granular place information to X-Mode, a US third-party data aggregator that sells its solutions to clients, which had comprised US defense contractors.

US-Canadian news outlet Vice Media broke the information in its title, saying that Muslim Pro was one of the other mobile programs that had sold information to the US army which had comprised timestamps, telephone model information, and the title of this Wi-Fi community to the telephone was connected.

This may consist of analyzing data to better understand user behaviors, therefore it might”enhance the general performance” of its services. It included that place data was utilized for prayer times calculation and eased designing and planning attributes, in addition to enhancing the overall user experience.

The App developer also insisted it didn’t discuss any sensitive personal data, such as title, contact number, and email. “Any information shared with partners is anonymized, meaning that our information isn’t credited to any particular people,” it stated.

“We employ industry-standard security structures and protective steps and choose top technology partners to keep our information safe and protected on our cloud infrastructure.

While it’d refuted Vice Media’s asserts, Bitsmedia stated it had terminated all connections with its information spouses, such as X-Mode, “effective immediately”.

It also said it collaborated with”chosen technology partners” to enhance the standard of its program and shared information with its partners to get”common functions like marketing”, which it mentioned was its principal source of earnings.

It stated it did so” in full compliance” with all applicable legislation and executed”rigorous data governance coverage” to protect its customers’ data.

As stated by the app programmer, it functioned with third parties like social networking networks and information analytics firms and shared information with the approval of its consumers.

Additionally, it noted that, apart from its Community segment, attributes supplied in Muslim Pro are made accessible without users needing to register into the program. “This leads to the anonymity of information we gather and procedure,” it stated.

Singapore only this month upgraded the data protection laws to enable local companies to utilize consumer information without previous consent for several functions, such as business advancement and study.

The amendments also permitted for harsher monetary penalties to be meted out for information breaches, over the last limit of SG$1 million.

In his address discussing the changes, Singapore’s Communications and Information Minister S. Iswaran said information was a key financial advantage in the electronic market as it provides invaluable insights that inform businesses and create efficiencies.

Additionally, it would enable innovation and improve products, and become a vital source for emerging technologies like artificial intelligence (AI) that maintain transformative capacity, Iswaran said.

Amongst the essential changes in the PDPA is that the”exceptions to the approval” requirement, which currently enables companies to utilize, gather, and disclose information for”legitimate purposes”, business development, and also a wider range of development and research.

Besides existing consent exceptions which include investigations and responding to crises, these now include attempts to fight fraud, improve products and solutions, and execute market research to understand potential client segments.

Additionally, further alterations defined under”deemed consent” into PDPA will now allow businesses to share information with outside contractors to fulfill client contracts. This caters to”contemporary industrial structures” and fundamental purposes including safety.

Firms will also have the ability to use the information without permission to ease R&D that may not yet be marked for productization.

The rest of the purposes beyond”deemed” and”exceptions” to agree, for example, direct marketing and advertising messages, will nevertheless need prior permission from customers.

The PDPC past year researched 185 cases involving information breaches and issued 58 decisions.

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.


Please enter your comment!
Please enter your name here

Latest News

OAIC: Uber found to have interfered with the privacy of over 1.2 million Australians

The Office of the Australian Information Commissioner (OAIC) has determined that Uber Technologies, Inc. and Uber B.V. have interfered...

Over 80 US Municipalities data are exposed due to Misconfigured Amazon S3

A team of Cybersecurity researchers at Wizcase found major data exposure of Over 80 US Municipalities due to the Misconfigured Amazon S3 Bucket. This happened...

Formbook malware Upgraded as an XLoader malware to Attack macOS Systems

Researchers have spotted an upgraded malware variant of Formbook malware which is now Upgraded as an XLoader malware to Attack macOS Systems. Cybersecurity researchers on...

Millions of HP, Samsung, Xerox Printers are Vulnerable to 16 year old bug

A 16-year-old security vulnerability affects Millions of HP, Samsung, Xerox Printers Driver allows attackers to gain admin rights on systems using the vulnerable driver...

MosaicLoader malware targets cracked software via SEO poisoning

New MosaicLoader malware targets users that are searching to download cracked software. Cybercriminals run ad campaigns in search engine results to boost their malicious...

More Articles Like This