Technology News

Hackers can see your Tinder photos without your wish, Here's how to stay protected

Dating app Tinder is one of the biggest dating app present in the world. Its used by most of the people interested in Internet dating. Although its popularity is huge, it still lacks the basic HTTPS encryption. It means a malicious attacker could easily see user’s photos. They could also add their own photos in their photostream. Tel Aviv-based security research firm Checkmarx discovered the vulnerabilities. There are two vulnerabilities in the dating app. These can be used to see users’ profiles as well as the profiles they’ve viewed.

Checkmarx blog post says. “The Checkmarx Security Research Team found disturbing vulnerabilities in a highly popular dating application used by people across the globe – Tinder”. The security research firm created an app to demonstrate the process. Called the TinderDrift the application can recreate the actions from a user's account. However, the hacker and attacker needs to be on the same network to do so. Checkmark also showcased this in a YouTube video. They demonstrated that they could potentially see users actions, photos and make changes to it.

What does it mean for Tinder Users

This kind of sensitive information can be used for various purposes. It can be used by the attackers to blackmail victims by threatening to expose private information. Though swipes and matches remain encrypted on Tinder. The hackers can track specific bytes. It will help them to determine the user’s action like left swipe, right swipe, Super Like, a match and more.

Also Read: Twitter now uses machine learning to bring smart auto-cropping for your photo posts

The blog post from Checkmarx also added. “The vulnerabilities, found in both the app’s Android and iOS versions, allow an attacker using the same network as the user to monitor the user’s every move on the app. It is also possible for an attacker to take control over the profile pictures the user sees, swapping them for inappropriate content, rogue advertising or other type of malicious content (as demonstrated in the research)”.

Lalit Wadhwa
Share
Published by
Lalit Wadhwa

Recent Posts

  • Technology News

Microsoft Xbox app launched on Amazon Fire TV devices: Everything you need to know

Microsoft launches its Xbox cloud gaming app on Amazon Fire TV devices with access to…

June 28, 2024
  • Technology News

Realme Narzo N55 new colourway revealed, will come with 33W charging support

Realme Narzo N55 new Black colourway revealed, here's how it looks. The company also revealed…

April 8, 2023
  • Technology News

Motorola Moto G Power 5G with MediaTek Dimensity 930 SoC launched in the US

Motorola Moto G Power 5G with MediaTek Dimensity 930 chipset, 6GB RAM and 256GB internal…

April 7, 2023
  • Technology News

OnePlus Nord CE 3 Lite could be rebranded as Nord N30 for the US market

OnePlus reportedly will rebrand the Nord CE 3 Lite as the Nord N30 for the…

April 7, 2023
  • Technology News

Apple could revamp its Control Center feature with iOS 17: Report

Apple's upcoming iOS 17 could bring a revamp to its Control Center feature. Details are…

April 7, 2023
  • Technology News

Sony finally working on PS Vita successor, suggests report

Sony currently working on a new handheld gaming console codenamed PlayStation Q Lite. Launch expected…

April 6, 2023