TechFlow news, on May 21, the security team from BitsLab's "Web3 Escort Program" discovered a critical arbitrary account takeover vulnerability in the Android app of a well-known Meme trading platform and assisted in its remediation. During the app audit, it was found that the app used a third-party browser component containing an Intent Redirection vulnerability in its onCreate method. Additionally, due to improper configuration of the app's FileProvider, attackers could exploit system vulnerabilities to read any sandbox file within the app. This attack chain allows adversaries to extract sensitive files containing user tokens from the Meme trading platform’s Android app, enabling full account takeover and direct access to user assets—posing severe security risks.
After receiving the vulnerability report through the "Web3 Escort Program," BitsLab's security team conducted comprehensive technical analysis, thoroughly identifying the root cause and attack methodology, and provided precise mitigation measures. Their efforts effectively prevented potential data breaches and user asset losses, significantly enhancing the privacy and security of the trading platform’s Android application. BitsLab also urges all project teams to review their Android apps for improper FileProvider configurations.
The discovery and coordinated remediation of this high-severity vulnerability in the prominent Meme trading platform's Android app further highlights the outstanding contributions of the BitsLab team and the 'Web3 Escort Program' to global blockchain security.




