Google Play store 2

Turkish Developer Hacks the Google Play Store Twice; Says He Was Testing a Vulnerability

March 18, 2014 - Written By Tom Dawson

While we all recognize Google as one of the big giants of the Internet, who’re seemingly invulnerable to attack and issues that would seriously damage other sites, not even Google is invincible. This is shown by yesterday’s outage of a number of products across Google just yesterday, like Hangouts and such (did everyone get through that okay?) It seems this past weekend, Google’s Play Store was the focus of an attack, or at least a “testing” of a vulnerability found in the backend of the Play Store by a developer. On Sunday evening, an app was uploaded through the Developer Console, the Play Store then crashed. The same happened again on Monday, leaving users unable to download new apps and games, and developers unable to update their own apps.

The culprit, Ibrahim Balic, said he was only trying to test a vulnerability and didn’t expect to take everyone else offline with him. Of course, with a second attempt by Balic, this claim is somewhat hard to believe, but unlike other hackers the damage caused is relatively slim. Besides, he did say that Google were notified of the vulnerability, which is perhaps the best thing here. Balic said he created an Android app that took advantage of the vulnerability and then uploaded it to the Developer Console, not expecting the sort of outage that he did indeed cause. Balic pleads forgiveness for the disruption he caused, and still maintains that he was only trying to test a vulnerability.

Whether or not Balic was just trying to test something he had noticed or not is besides the point, the point is that the outage was so minimal that not many of us even noticed. I remember updating a number of apps yesterday and over the weekend. Things like this aren’t as rare as they used to be, and as the Play Store becomes bigger and bigger, Google will need to focus hard on their security. After all, not everyone would be as forthcoming as Balic in turning over the vulnerability.