Grindr: A simple email is all it takes to hack into an account
Because of a security flaw, all it takes is a hacker to get your email address to hack your against Grindr.
It's this one piece of information that allows him to take control of your profile on the dating app. Of course this was until last week, because the problem seems to have been solved from now on.
This article will also interest you: Is hacking stars that difficult?
To carry out this fraudulent takeover, all you had to do was enter the Grindr account email address, then reset the password, then get the website's source code and use it for the purpose of getting the url, which finally allows you to change your security key. By completing only these three steps. It was easy for a user to steal the identity on this LGBTQ dating site.
The reason for this is that the message sent to initiate the account reset also contained the site's source code. This means that if a hacker is interested in this website, would have had the opportunity to read several information of a very personal or even compromising nature. This could be a private message, the HIV status of members, etc.
It was a French user named Wassime Bouimadaghene who reported the security flaw to the website's publisher. Since the site's managers were not reacting, he turned to computer security experts to take a closer look at the flaw. They include Troy Hunter and Scott Helme.
According to the enforcement director of operations, Rick Martini, the security breach has been plugged. According to them, no ill-intentioned person has been able to take advantage of it.
However, it must be said that this is not the first time that the LGBTQ dating app has faced such a situation. Already in 2018, Grindr is experiencing security problems. It inadvertently allowed third-party companies to access private data from its Internet users, especially HIV status.
Faced with this umpteenth security problem, the administrators of the dating site wanted to reassure all those using their platform that they were committed to improving the quality and security of the site. To do this, they have joined a cybersecurity firm, responsible for maintaining their computer security at the highest level and responding to reports from Internet users in the event of a similar problem being discovered.
Grindr's administration has meant working on a program in which people who detect vulnerabilities on their computer programs will be able to receive bonuses. It remains to be seen whether the confidence of the 27 million registered on the platform will be enhanced by its promises. This kind of problem is quite common in these types of applications. Users are also often concerned so must be very careful about the nature of the information they agree to share with this kind of platform. On all sides vigilance is the order of the day.
Now access an unlimited number of passwords: