Trading Apps Expose Investors to Cyber Criminals

Dozens of applications used for online trading by retail investors have cybersecurity vulnerabilities, some of which could lead to hackers siphoning funds from account holders, according to security consultant IOActive Inc.

Ten of the 80 applications tested over a one-year period store passwords of subscribers without encryption, a flaw that could lead to funds being stolen, IOActive reported at the Black Hat cybersecurity conference Thursday in Las Vegas. Those included software by AvaTrade Ltd. and IQ Option, according to the report. Software at E*Trade Financial Corp. and TD Ameritrade Holding Corp. stores trading data without encryption, the report found.