\nGuidus isn\u2019t quite Genshin Impact, but it was able to garner a decent user base. The app has over 100k downloads, and the 4.2-star rating is the icing on the cake. It\u2019s a nice-looking pixelated RPG with solid gameplay. Looking at it, we can tell that the app is legit, so what about the leak?
\nGuidus allowed players\u2019 data to be leaked
\nStarting off, the situation sounds worse than it actually is, but it still needs to be highlighted. As per the source, the developers, Izzle, hardcoded sensitive data into the client side of the app. This meant that this data was accessible to just about anyone.
\nOn the scale of leaked data, this information wasn\u2019t bad at all. The information that people could access all pertained to the player\u2019s progress. This includes their in-app currency and their progress through the game. If a bad actor got access to that information, they could erase that data and cause a player to lose their progress. That\u2019s frustrating in and of itself, but it gets worse.
\nThe developers also left keys hardcoded to the client end of the app. The Cybernews research team said that \u201cHardcoding sensitive data into the client side of an Android app is a bad idea\u2026In most cases, it can be easily accessed through reverse engineering.\u201d If a bad actor does access those keys, they might be able to get ahold of even more sensitive data on a player.
\nIzzle was told that Guidus leaked the data, but the company has yet to fix the problem. We\u2019ll have to wait to see if the company does issue some sort of patch.
\nThe post This popular Android RPG just leaked a ton of player information appeared first on Android Headlines.
\n
![](\"https:\/\/plus.maciejpiasecki.info\/wp-content\/uploads\/2023\/01\/Guidus-Title.jpg\")
\nSource: ndroidheadlines.com <\/p>\n","protected":false},"excerpt":{"rendered":"