Three Sonic apps in the Google Play published by SEGA leak users data to uncertified servers. The Android apps are Sonic Dash, Sonic the Hedgehog Classic, and Sonic Dash 2: Sonic Boom, that have been totally downloaded millions of times. Experts discovered two critical flaws, X509TrustManager and PotentiallyByPassSslConnection, that could be exploited by hackers to power man-in-the-middle attacks due to the lack of validation for SSL certificate errors.”]
Source: http://securityaffairs.co/wordpress/68083/digital-id/sonic-apps-data-leak.html

