A recent TechCrunch report revealed that the Go SMS Pro app has been hacked and personal data, including photos, videos, and other files leaked, to users of the app, as the report cited the results of security researchers at Trustwave.
The report claims that these photos, videos, and other files have been shared privately by users and the app maker appears to know this since August but “has done nothing to fix the bug.” Trustwave security researchers discovered the bug in August and contacted the app maker with a deadline set. 90 days to fix the issue, as in normal practice in revealing vulnerabilities to allow sufficient time for repair.
But after the deadline passed without hearing a response, the researchers announced the problem, according to a TechCrunch report. The app, which has more than 100 million installations on the Google Play app list, is said to have exposed private audio messages, video messages and photos in general.
To understand the vulnerability, readers should note that this application allows users to share files with anyone regardless of whether the recipient has the application or not, as this is done by sharing the URL to the recipient via SMS and clicking on this URL will allow the recipient View the media file via a browser.
The researchers claim that their findings show that the application allows anyone to access the link without any authentication, which means that anyone who gets the link can access the file, in addition, it has been found that when sharing media files using the application, a link is created. Regardless of the recipient who has the app installed.
As a result, the malicious user is likely to access any media files sent through this service as well as any files sent in the future, and this obviously affects the confidentiality of the media content sent through this application. “As mentioned earlier, the report claims that researchers have contacted App maker back in August and they haven’t heard anything from them about it.
The researchers said, “Trustwave has attempted to contact the supplier several times since August 18, 2020 but has not received any response, and as such, this vulnerability still exists and poses a risk to users, and it is highly recommended to avoid sending media files that you expect to remain private or that may contain.” Sensitive data using this popular messaging app, at least until the vendor recognizes and remedies this vulnerability. “
These were the details of the news Millions of users’ data leaked to the Go SMS Pro messaging... for this day. We hope that we have succeeded by giving you the full details and information. To follow all our news, you can subscribe to the alerts system or to one of our different systems to provide you with all that is new.
It is also worth noting that the original news has been published and is available at eg24.news and the editorial team at AlKhaleej Today has confirmed it and it has been modified, and it may have been completely transferred or quoted from it and you can read and follow this news from its main source.