The hidden side of an everyday mobile application

Stories about common mobile applications collecting or misusing data often make the news. The fact is that as users, we only see a tiny part of the actions performed by mobile apps, the rest of them being silently executed.
Comparable to an iceberg, 90% of an app’s actions are not visible and consequently, hard to identify.

As a case study, we will take a closer look at a famous food delivery application exfiltrating personal information and embedding several code vulnerabilities.