A white hat hacker reverse engineered 30 mobile financial apps and found sensitive data buried in the underlying code of nearly all apps examined. With this information a hacker could, for example, recover application programming interface (API) keys and use them to attack the vendor s backend servers and comprise user data. The apps in question were all Android and culled from eight sectors including retail banking, healthcare and auto insurance. The U.S. National Security Agency released its Ghidra reverse-engineering platform to much fanfare last month.
Source: https://threatpost.com/financial-apps-are-ripe-for-exploit-via-reverse-engineering/143348/