OkCupid app known as a popular dating platform has over 50 million registered users.
Dating apps have for long been used as a replacement for the effort one may need to exert out in the physical world to find a suitable match. Naturally, this makes it a collection space for personal user details and preferences attracting malicious actors who may want to leverage such information to their advantage.
Therefore, it is important for the developers of such apps to take great precautions in guarding their data. In line with this spirit, recently Checkpoint researchers went on to inspect a dating app named OkCupid amongst which they found several vulnerabilities.
See: Smartwatch vulnerability allowed hackers to overdose dementia patients
The vulnerabilities if exploited would have exposed user data including their stated characteristics, pictures, and other details. This would have opened many people to the possibility of being blackmailed and even cyberbullied.
Secondly, the user IDs, authentication tokens, and email addresses could also have been accessed allowing an attacker to not only illegally control user accounts and perform unauthorized actions but also conduct targeted phishing campaigns outside of the platform.
Once this data had been gathered, then the attacker could have sent it to their own server limiting any mitigatory effects even if the breach had been discovered.
Coming to the technical details, according to Check Point’s blog post, these flaws were found by reverse-engineering the Android application of the company and then moving on to various ot ..
Support the originator by clicking the read the rest link below.
