A week after security researchers disclosed a flaw in the GO SMS Pro messaging app, it appears developers are taking steps to fix the issue. Security misstep made it possible for an attacker to access media files transferred between users, including private voice messages, photos, and videos, stored on an unauthenticated, publicly accessible server. Google reinstated the app back to the Play Store on November 23 after public disclosure of the flaw and Google’s removal of the app from the marketplace. Older media shared prior to the advisory are still accessible, including a cache of sensitive information like driver’s licenses.
Source: https://thehackernews.com/2020/12/incomplete-go-sms-pro-patch-left.html