- Apr 21, 2016
- 4,370
Secure messaging app Confide is, apparently, not as secure as it claims to be, with several security holes making it easy to hack.
According to a blog post by security company IOActive, several vulnerabilities were found in Confide, despite its "military-grade" end-to-end encryption.
It seems that IOActive managed to get access to records for 7,000 Confide users by exploiting vulnerabilities they discovered in the app's account management system. They explain that part of the problem came from Confide's very API, which could be used to reveal data on users, including their phone numbers and email addresses.
Researchers further discovered the app allowed user to choose basic passwords. When brute-force attacks were used against a user's account, the app could not block the attacker.
IOActive also adds that data sent from ... (read more)
Read more: Encrypted Messaging App Confide Was Full of Security Bugs Exposing User Data
According to a blog post by security company IOActive, several vulnerabilities were found in Confide, despite its "military-grade" end-to-end encryption.
It seems that IOActive managed to get access to records for 7,000 Confide users by exploiting vulnerabilities they discovered in the app's account management system. They explain that part of the problem came from Confide's very API, which could be used to reveal data on users, including their phone numbers and email addresses.
Researchers further discovered the app allowed user to choose basic passwords. When brute-force attacks were used against a user's account, the app could not block the attacker.
IOActive also adds that data sent from ... (read more)
Read more: Encrypted Messaging App Confide Was Full of Security Bugs Exposing User Data
Last edited by a moderator:
