Researchers suggest the lack of protection allows for anything from simple nosiness, to complex blackmail schemes.
The dating app Tinder has been found to have two major vulnerabilities which, if exploited, could allow others to monitor a user’s every move on the app.
Just by being on the same Wi-Fi network as any user of Tinder's iOS or Android app, security researchers could see any photo the user did - or even inject their own images into his or her photo stream. The replacement images could easily be of an inappropriate nature, contain rogue advertising or other types of malicious content.
Tinder allows users to swipe through dating profiles of people in their immediate area: swiping right for a person they like, left if they lack interest and up if they “Super Like” someone. If someone likes them back, the next step is chat-messaging on the app. So far, the app has created more than 20 billion matches in 196 countries.
Aside from the potential advertising fraud and malware issues, the vulnerabilities, found in both the Android and iOS versions of the app, allow an attacker to stalk and blackmail the victim, threatening to expose highly private information from the user’s Tinder profile and actions in the app.
The researchers suggest that this lack of protection could enable anything from simple voyeuristic nosiness to blackmail schemes.
TOP TIPS
Checkmarx said that it has disclosed the vulnerabilities to Tinder.
The phone numbers and email addresses of 533 million Facebook users have been exposed in a data breach. Here’s how to find out if your data was leaked, and how to secure your Facebook account.
YouTube aims to improve protections for children on the platform.
Head teachers in England are more likely to face problems with pupils bullying online and misusing social media than in any other developed country, an international study says.