Cyber security news for all


    Grindr accounts could be hacked easily

    Grindr accounts had a serious security gap. A hacker could completely take over an account by abusing the password reset feature. The web page on which a password reset is requested exposed the crucial data for the reset link, which was enough to gain access to an account. The hacker only needed to know the email address of a Grindr user.

    To reset a password, Grindr uses the common approach of a reset link that is sent to the user's email address upon request. Security researchers found that the platform's page for requesting such a reset erroneously reveals the token that is meant to be part of the link and that should only ever be made known to the requesting user. Since a Grindr reset link is always structured in the same way, the token can simply be inserted into a self-made link. If a hacker knows an email address that is stored in a Grindr account, a reset link could be generated in this way, and the hacker could then take over the entire user account.
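The flawed pattern described above next to a hardened reset handler, with a regression check that the reply never carries the mailed token. This is an added example, not Grindr's code; the field name `resetToken`, the in-memory stores and the 15-minute lifetime are assumptions made for illustration.

```python
import hashlib, hmac, secrets, time

TOKEN_TTL = 15 * 60               # assumed token lifetime in seconds
USERS = {"alice@example.test"}    # constructed sample account store
RESETS = {}                       # email -> (sha256 of token, expiry time)
OUTBOX = []                       # stands in for the mail system: (email, token)

def _issue(email):
    token = secrets.token_urlsafe(32)
    digest = hashlib.sha256(token.encode()).hexdigest()
    RESETS[email] = (digest, time.time() + TOKEN_TTL)   # store only the hash
    OUTBOX.append((email, token))                       # token goes out by mail
    return token

def request_reset_leaky(email):
    """Flawed pattern: the token is echoed back to whoever made the request."""
    if email not in USERS:
        return {"status": "unknown account"}
    return {"status": "sent", "resetToken": _issue(email)}

def request_reset_hardened(email):
    """Token leaves the server only by mail; the reply is the same for any address."""
    if email in USERS:
        _issue(email)
    return {"status": "If the address is registered, a reset link was sent."}

def redeem(email, token, now=None):
    """Accept a token once, before expiry, by comparing against the stored hash."""
    digest, expiry = RESETS.get(email, (None, 0))
    now = time.time() if now is None else now
    if digest is None or now > expiry:
        RESETS.pop(email, None)       # drop expired entries
        return False
    presented = hashlib.sha256(token.encode()).hexdigest()
    if not hmac.compare_digest(presented, digest):
        return False
    del RESETS[email]                 # single use
    return True

def response_leaks_token(handler, email):
    """Regression check: does the handler's reply contain the mailed token?"""
    OUTBOX.clear()
    reply = handler(email)
    return any(token in repr(reply) for _, token in OUTBOX)
```

Running `response_leaks_token` against every reset endpoint in a test suite catches this class of regression before release.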


    Grindr Wants To Team Up With A Security Company

    The security gap is closed and it is assumed that no hacker has exploited the gap. The company now wants to team up with a security firm and work to ensure that such vulnerabilities can be better communicated in the future. In addition, they want to offer a reward for finding further weak points.

    Contact Was Only Established After A Tweet

    According to experts, contact was only made after a public tweet asked whether anyone had a contact on the team at Grindr. The problem was then resolved relatively quickly. Affected users could also notice such an attack, as they would receive a reset email and would then no longer be able to log in with their password. People who use Grindr and have recently received an unexpected reset email should check as soon as possible that their password is still working. As Grindr’s chief operating officer Rick Marini told;
