• Home
  • Internet
  • Internet News
  • OkCupid Vulnerabilities Discovered That Could Have Let Hackers Access Personal Details of Online Daters

OkCupid Vulnerabilities Discovered That Could Have Let Hackers Access Personal Details of Online Daters b6j6a

Security researchers at Check Point Research found security issues through the OkCupid Android app version 40.3.1 on Android 6.0.1. 4p23m

OkCupid Vulnerabilities Discovered That Could Have Let Hackers Access Personal Details of Online Daters

OkCupid has seen some growth in engagements during the coronavirus outbreak 5d4c4p

Highlights
  • OkCupid website and mobile app were found to have serious issues
  • The dating platform claimed it fixed the flaws within 48 hours
  • OkCupid assured that no has been impacted by the issues
ment

Security researchers identified multiple vulnerabilities on the Web and mobile platforms of online dating site OkCupid that could have allowed hackers to steal private data of s. The data could include full profile details, private messages, sexual orientation, personal addresses, and even all submitted answers to OkCupid's profiling questions. The team at OkCupid is claimed to have fixed the flaws within 48 hours of receiving their details. It has also stated that the vulnerabilities haven't impacted any of its s.

Researchers at OkCupid that could have allowed hackers to gain data access. The research work took place through the OkCupid Android app version 40.3.1 on Android 6.0.1. Upon reverse engineering the mobile app, the researchers discovered “deep links” functionality that could provide backdoor access to hackers to send malicious links.

While testing the mobile app, the researchers' team was also able to find the OkCupid primary domain vulnerable to cross-site scripting (XSS) attacks. Both those loopholes could be combined to let a hacker send specially crafted links to s and steal their personal data.

The researchers said that at the time of their testing, they saw that the server responded with all the information regarding the victim's profile, including email, and family status.

“Performing actions on behalf of the victim is also possible due to the exfiltration of the victim's authentication token and the s' ID,” the researchers noted in a blog.

Additionally, Check Point researchers found a misconfigured Cross-Origin Resource Sharing (CROS) policy in an API server of OkCupid. It could allow hackers to even filter data from the profile API endpoint and let them read victim's personal conversations.

“Not a single was impacted by the potential vulnerability on OkCupid, and we were able to fix it within 48 hours,” OkCupid responded to Check Point on its discovery.

Online dating has reached new levels due to the coronavirus outbreak that has brought restrictions in meeting people physically. OkCupid itself has also noticed as much as 20 percent increase in conversations and 10 percent increase in matches globally. However, there are some references showing that people meeting online aren't that safe due to potential vulnerabilities and growing amounts of data breaches.


In 2020, will WhatsApp get the killer feature that every Indian is waiting for? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts or RSS, the episode, or just hit the play button below.

Comments

For the latest reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: online dating
Samsung Galaxy Note 20, Galaxy Note 20 Ultra Prices Surface Again Ahead of Official Launch
Facebook Gadgets360 Twitter Share Tweet Snapchat LinkedIn Reddit Comment google-newsGoogle News

ment

Follow Us

ment

© Copyright Red Pixels Ventures Limited 2025. All rights reserved.
Trending Products »
Latest Tech News »