Millions of people across the globe are using ‘vulnerable’ Android apps, which are leaking users’ personal data, a new research has said. The new study, which tested the 13,500 most popular free apps from the Google Play Store, found that 1074, almost eight per cent, used incorrect or inadequate coding. Researchers at the Leibniz University of Hannover and the Philipps University of Marburg, both in Germany, tried to hack a sample of 100 of the vulnerable apps. According to the Brisbane Times, they could easily exploit 41, of which there are at least 39.5 million users worldwide. “We could gather bank account information, payment credentials for PayPal, American Express and others,” the study said. “Facebook, email and cloud storage credentials and messages were leaked, access to IP cameras was gained and control channels for apps and remote servers could be subverted,” it added. According to the report, the researchers used a Samsung Galaxy Nexus smartphone running on Android 4.0 (Ice Cream Sandwich) to carry out the tests. The researchers created a fake Wi-Fi hot spot and mounted an attack that spied on data sent and received by the apps. They were able to capture log-in details for online banking, social media, email services and corporate networks, and even disable security software, the report said.