• Contact Us
  • Login
Upgrade
Tech News Hero
Advertisement
  • Home
  • News
  • Gadgets
  • Social
  • Gaming
  • Mobile
  • PC
  • Internet
  • Security
  • Apps
No Result
View All Result
  • Home
  • News
  • Gadgets
  • Social
  • Gaming
  • Mobile
  • PC
  • Internet
  • Security
  • Apps
No Result
View All Result
Tech News Hero
No Result
View All Result
Home Internet

OkCupid Vulnerabilities Discovered That Could Have Let Hackers Access Personal Details of Online Daters

by technewshero
December 15, 2020
in Internet
0
OkCupid Vulnerabilities Discovered That Could Have Let Hackers Access Personal Details of Online Daters
Share on FacebookShare on Twitter

Security researchers identified multiple vulnerabilities on the Web and mobile platforms of online dating site OkCupid that could have allowed hackers to steal user private data of users. The data could include full profile details, private messages, sexual orientation, personal addresses, and even all submitted answers to OkCupid’s profiling questions. The team at OkCupid is claimed to have fixed the flaws within 48 hours of receiving their details. It has also stated that the vulnerabilities haven’t impacted any of its users.

Researchers at Check Point Research disclosed the vulnerabilities in OkCupid that could have allowed hackers to gain user data access. The research work took place through the OkCupid Android app version 40.3.1 on Android 6.0.1. Upon reverse engineering the mobile app, the researchers discovered “deep links” functionality that could provide backdoor access to hackers to send malicious links.

While testing the mobile app, the researchers’ team was also able to find the OkCupid primary domain vulnerable to cross-site scripting (XSS) attacks. Both those loopholes could be combined to let a hacker send specially crafted links to users and steal their personal data.

The researchers said that at the time of their testing, they saw that the server responded with all the information regarding the victim’s profile, including email, and family status.

“Performing actions on behalf of the victim is also possible due to the exfiltration of the victim’s authentication token and the users’ ID,” the researchers noted in a blog.

Additionally, Check Point researchers found a misconfigured Cross-Origin Resource Sharing (CROS) policy in an API server of OkCupid. It could allow hackers to even filter user data from the profile API endpoint and let them read victim’s personal conversations.

“Not a single user was impacted by the potential vulnerability on OkCupid, and we were able to fix it within 48 hours,” OkCupid responded to Check Point on its discovery.

Online dating has reached new levels due to the coronavirus outbreak that has brought restrictions in meeting people physically. OkCupid itself has also noticed as much as 20 percent increase in conversations and 10 percent increase in matches globally. However, there are some references showing that people meeting online aren’t that safe due to potential vulnerabilities and growing amounts of data breaches.


In 2020, will WhatsApp get the killer feature that every Indian is waiting for? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts or RSS, download the episode, or just hit the play button below.

Previous Post

Play the prologue of ‘Linda & Joan,’ a video game about the worst year of its creator’s life – TechNewHero

Next Post

Children Stream on Twitch—Where Potential Predators Find Them

technewshero

technewshero

Related Posts

Google to Host ‘Hello 2021 India’ Virtual New Year’s Eve Party on YouTube, Launches Party Popper Icon on Search
Internet

Google to Host ‘Hello 2021 India’ Virtual New Year’s Eve Party on YouTube, Launches Party Popper Icon on Search

by technewshero
January 13, 2021
Google Is Testing a Feature That Will Aggregate Short-Form Videos From TikTok, Instagram: Report
Internet

Google Is Testing a Feature That Will Aggregate Short-Form Videos From TikTok, Instagram: Report

by technewshero
January 14, 2021
Android’s Smart Text Selection Tool Adds Unit Conversion Feature, Redirects to Google
Internet

Android’s Smart Text Selection Tool Adds Unit Conversion Feature, Redirects to Google

by technewshero
January 15, 2021
Bitcoin Jumps to Record $28,600 as 2020 Rally Reaches New Heights
Internet

Bitcoin Jumps to Record $28,600 as 2020 Rally Reaches New Heights

by technewshero
January 16, 2021
Apple Supplier Wistron Could Not Manage Scaled Up iPhone Plant, Broke Several Laws: Government Report
Internet

Apple Supplier Wistron Could Not Manage Scaled Up iPhone Plant, Broke Several Laws: Government Report

by technewshero
December 21, 2020
Next Post
Children Stream on Twitch—Where Potential Predators Find Them

Children Stream on Twitch—Where Potential Predators Find Them

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Most Popular

Unity IPO aims to fuel growth across gaming and beyond – TechNewHero

Unity IPO aims to fuel growth across gaming and beyond – TechNewHero

December 14, 2020
The Hypocrisy of Mike Pompeo

The Hypocrisy of Mike Pompeo

December 15, 2020
Ikea creates mock PS5, Xbox Series X consoles to help furniture shoppers

Ikea creates mock PS5, Xbox Series X consoles to help furniture shoppers

January 12, 2021

Browse by Category

  • Apps
  • Gadgets
  • Gaming
  • Internet
  • Mobile
  • News
  • PC & Laptops
  • Security
  • Social
Tech News Hero

© 2020 Tech News Hero.

No Result
View All Result
  • Home
  • Landing Page
  • Buy JNews
  • Support Forum
  • Contact Us

© 2020 Tech News Hero.

Welcome Back!

Login to your account below

Forgotten Password?

Create New Account!

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?