An application vulnerability within the popular relationship software might have let hackers take control user records and spread spyware
Valentine’s Day might have you to locate love, you might choose to think hard before firing your dating that is favorite app.
Scientists in the Israeli cybersecurity company Checkmarx recently found protection flaws within the Android os form of OkCupid that, on top of other things, might have let cybercriminals deliver users missives disguised as in-app communications.
The flaws have since been fixed. Before that, nonetheless, users has been tricked into losing control of their accounts or had information stolen after which employed for identification theft or credit card frauds, in line with the researchers.
“There had been simply no method for an user that is unsuspecting understand that this wasn’t OkCupid, but, alternatively, a typical page built to look like OkCupid,” says Erez Yalon, Checkmarx’s mind of safety research.
That isn’t the very first time Yalon’s group has discovered protection dilemmas in a dating application. A year ago, Checkmarx announced that its researchers had discovered flaws in Tinder’s application that may offer hackers a method to see which profile pictures a person had been considering and exactly how she or he reacted to those images.
A lot of personal information while both the OkCupid and Tinder security problems have since been fixed, they still stand as a warning to consumers to be wary of all apps, and particularly dating apps, that store.
“The OkCupid researchers took advantageous asset of a variety of little flaws to wrench available a significant straight straight back door,” states Bobby Richter, who leads CR’s privacy and protection evaluation team. Continue reading