
Privacy Ninja

Grindr Fixed A Bug Allowing Full Takeover Of Any User Account


Grindr has fixed a security flaw that could have allowed attackers to easily hijack any Grindr account if they knew the user’s email address.

Grindr is a social networking platform for gay, bi, trans, and queer people active since its launch in 2009, with roughly 4.5 million daily active users from countries all over the world.

From email to full account takeover

French security researcher Wassime Bouimadaghene, who discovered the vulnerability, asked for Troy Hunt’s help to reach out to Grindr after he unsuccessfully tried to report it through multiple channels.

After Hunt asked for a Grindr security contact on Twitter, the company addressed the flaw within about 90 minutes, blocking future account takeover attempts using the same attack technique.

As Hunt was able to confirm, the reset token generated when resetting an account’s password could be obtained using the web browser’s dev tools as it was leaked in the page response content.

This made it possible to manually generate the unique link that users would otherwise only receive via e-mail.

To find the template for that, one would only have to register a Grindr account and start the password reset process to get the reset email.

Using this technique, an attacker could reset the password and take over any Grindr account for which they knew the email.
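The flaw class described above, shown from the defender's side as an added example (this is not Grindr's code and is not taken from the original article): a reset endpoint that echoes the token in its response, next to a hardened one, plus a regression check a test suite can run against every response body. The field name `resetToken`, the in-memory stores, and the 15-minute lifetime are assumptions made for illustration.

```python
import hashlib
import json
import secrets
import time

TOKEN_TTL = 15 * 60              # assumed policy: token lifetime in seconds
USERS = {"alice@example.test"}   # constructed sample account
RESET_STORE = {}                 # email -> (sha256 of token, expiry time)
OUTBOX = []                      # stand-in for the outbound mail system


def _issue_token(email, now):
    token = secrets.token_urlsafe(32)
    digest = hashlib.sha256(token.encode()).hexdigest()
    RESET_STORE[email] = (digest, now + TOKEN_TTL)  # only the hash is kept
    OUTBOX.append((email, token))                   # the token leaves by mail only
    return token


def reset_request_leaky(email, now=None):
    """The flaw as described: the secret is returned in the response body."""
    now = time.time() if now is None else now
    token = _issue_token(email, now)
    return json.dumps({"email": email, "resetToken": token})  # hypothetical field


def reset_request_hardened(email, now=None):
    """Identical response for any address; the token never enters the body."""
    now = time.time() if now is None else now
    if email in USERS:
        _issue_token(email, now)
    return json.dumps({"status": "If the account exists, an email was sent."})


def redeem(email, token, now=None):
    """Any attempt consumes the stored entry; expired or wrong tokens fail."""
    now = time.time() if now is None else now
    digest, expiry = RESET_STORE.pop(email, (None, 0))
    if digest is None or now > expiry:
        return False
    candidate = hashlib.sha256(token.encode()).hexdigest()
    return secrets.compare_digest(candidate, digest)  # constant-time compare


def response_leaks_token(body):
    """Regression check: no mailed token may appear in an HTTP response body."""
    return any(token in body for _, token in OUTBOX)
```
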

Leaked Grindr account reset token (Troy Hunt)

“This is one of the most basic account takeover techniques I’ve seen,” Hunt said in a blog post describing the now fixed issue. “I cannot fathom why the reset token – which should be a secret key – is returned in the response body of an anonymously issued request.”

“The ease of exploit is unbelievably low and the impact is obviously significant, so clearly this is something to be taken seriously,” he added.

Once an attacker took control of a Grindr user’s account using this flaw, they would have access to all the data stored within that account, including but not limited to messages, HIV infection status, and personal photos, through the Grindr mobile and web app.

Exposed personal info (Troy Hunt)

New Grindr bug bounty program

After fixing the security issue, Grindr told TechCrunch that they are working on making it easier for researchers to report such issues and that a new bug bounty program is in the works.

“We are grateful for the researcher who identified a vulnerability. The reported issue has been fixed. Thankfully, we believe we addressed the issue before it was exploited by any malicious parties,” Grindr said in a statement.

“As part of our commitment to improving the safety and security of our service, we are partnering with a leading security firm to simplify and improve the ability for security researchers to report issues such as these.

“In addition, we will soon announce a new bug bounty program to provide additional incentives for researchers to assist us in keeping our service secure going forward.”

BleepingComputer has also reached out to Grindr for comment but had not heard back at the time of this publication.

Three years ago, Norwegian independent research organization SINTEF discovered that Grindr shared users’ personal information (including HIV status, GPS location, email address, and more) with third parties (Apptimize and Localytics) via the iOS and Android apps.

The company’s head of security later said that Grindr has stopped sharing the sensitive info and that it all happened because of a simple misunderstanding of what was actually being shared with third-party vendors.
