An effort led by security research lab CovertLabs is actively uncovering troves of (mostly) AI-related App Store apps that leak and expose user data, including names, emails, and chat history. Here are the details.
‘This is as bad as it gets’
As spotted by user @vxunderground on X, the Firehound project is scanning and indexing apps that expose and leak sensitive user data.
As @vxunderground explains it:
It’s the slopocalypse.
OSINT nerd @Harrris0n has created “Firehound”. He (or others, I don’t know) have begun the daunting task of hunting AI slop in the Apple app store.
They have identified (as of this writing) 198 iOS apps which leak information on users (in some capacity). Unsurprisingly, the top are all related to AI.
Of the 198 apps listed so far, 196 expose user data. App “Chat & Ask AI” leads Firehound’s “Most files exposed” and “Most records exposed” rankings, with more than 406 million records from over 18 million users exposed.
In addition to the listing on Firehound, @Harris0n also took to X to comment on his initial findings on “Chat & Ask AI”:
Most apps on Firehound appear to expose data via improperly secured databases or cloud storage, and many listings disclose the underlying data schemas and record counts.
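The page does not name the backend technology behind the exposed databases, so the following is an assumption-based illustration rather than anything taken from Firehound or from the listed apps: a Firebase Realtime Database rules file, a common backend for small mobile apps, in which the default-style "anyone can read and write" rule (shown as a comment) is replaced by rules that scope every user's chat history to that user's own authenticated identity. It is an added example and not code from the original article. Firebase's rules parser accepts `//` comments; the `users/$uid/chats` layout and the `createdAt`/`messages` field names are assumed for the example.

```json
{
  "rules": {
    // Weak setting (assumed, not quoted from any listed app): a rule such as
    //   ".read": true, ".write": true
    // at this level makes every record readable by anyone who knows the
    // database URL, which is the kind of exposure the article describes.

    // Deny everything by default; only the more specific rules below grant access.
    ".read": false,
    ".write": false,

    "users": {
      "$uid": {
        // Each signed-in user may read and write only the subtree keyed by
        // their own auth uid, so one user's chat history is never visible
        // to another user or to an unauthenticated client.
        ".read": "auth != null && auth.uid === $uid",
        ".write": "auth != null && auth.uid === $uid",

        "chats": {
          "$chatId": {
            // Hypothetical schema check: reject records missing the expected fields.
            ".validate": "newData.hasChildren(['createdAt', 'messages'])"
          }
        }
      }
    }
  }
}
```

With the Firebase CLI, rules in a file named in `firebase.json` are published with `firebase deploy --only database`; the point of the top-level `".read": false` / `".write": false` pair is that adding a new collection later does not silently inherit public access, since every path must be granted explicitly.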
While most apps seem AI-related, affected app categories include:
- Education
- Entertainment
- Graphics & Design
- Health & Fitness
- Lifestyle
- Social Networking
- Other
Firehound limits free data access and requires users to register to request restricted datasets and detailed scan results:
Some scan results are highly sensitive. Until we can responsibly review and redact them, we can’t publish everything in full.
What this means
The public registry is intentionally limited. If you create an account, you can request access to restricted datasets and views.
Access requests are reviewed manually. Priority is given to journalists, law enforcement, and security professionals. After signing in, you’ll be prompted to submit a request from your dashboard.
Despite @vxunderground’s initial claim that Firehound is cataloguing “AI Slop”, that information is not directly stated on @Harrris0n’s X profile, nor on the Firehound website.
While many apps seem AI-related, it is currently impossible to claim with certainty whether they were launched as a result of vibe coding or other AI-assisted, autonomous development tools.
Still, Firehound is a reminder that users should be mindful of the platforms they use and the information they share (especially when it comes to AI chatbots), and that developers must take responsibility for properly securing user data, regardless of how low the barrier of entry may be to develop and release an app.
To learn more about Firehound, follow this link.
