Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Customer Data / IBM: Dating Apps Are Security Threat
 Mobile Dating Apps Are Security Threat, IBM Finds
Mobile Dating Apps Are Security Threat, IBM Finds
By Shirley Siluk / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
The majority of top Android dating apps found in the Google Play store have security vulnerabilities that could leave users open to hacking, stalking and credit card number theft, security researchers at IBM have found. Enterprises are also vulnerable, as these apps are frequently found on business-owned devices or on personal devices brought in by employees for work.

IBM Security identified medium- to high-severity vulnerabilities on 63 percent, or 26 out of 41, popular dating apps available through Google Play in October of last year. Using IBM's AppScan Mobile Analyzer tool, they found that many apps also granted "a large number of excessive privileges."

"Many consumers use and trust their mobile phones for a variety of applications," said Caleb Barlow, vice president of IBM Security. "It is this trust that gives hackers the opportunity to exploit vulnerabilities like the ones we found in these dating apps....Our research demonstrates that some users may be engaged in a dangerous tradeoff -- with increased sharing resulting in decreased personal security and privacy."

Millions of Dating Apps Users

We contacted an IBM spokeswoman to learn more about the analysis of mobile dating apps. She said IBM would not identify the companies whose apps were studied so those organizations would not be targeted by hackers.

"We don't want to put a bull's-eye on them," she said. After conducting the analysis, IBM also contacted the app providers to let them know about the vulnerabilities it identified so these could be corrected, she added.

Security flaws in mobile dating apps have the potential to affect millions of people. According to a study conducted by Pew Research in late 2013, 11 percent of people in the U.S. -- including 38 percent of those who describe themselves as "single and looking" -- have used a dating site or app.

A study last year by the cybersecurity firm Synack found vulnerabilities in dating apps like Tinder and Grindr that could let others identify the exact location of users. (A blog post at Synack described the Tinder app as "basically a stalker's dream.") Tinder responded by patching the flaw, while Grindr disabled location tracking by default in countries where homosexuality is illegal to protect gay users.

Stay Up-to-Date on Patches

The new research from IBM found similar concerns with location tracking on dating apps. Of the 41 apps studied, 73 percent provided access to users' current and past GPS data. Such data could be used by hackers to "find out where a user lives, works, or spends most of their time," according to IBM.

Other vulnerabilities could enable malicious actors to access credit card information, hijack a user's dating profile or send users messages or alerts that, when clicked, would install malware onto their devices. And all the vulnerabilities found provided ways to access a device's camera or microphone, meaning attackers could "spy and eavesdrop on users or tap into confidential business meetings."

IBM recommended that, to protect against security risks, dating apps users should be careful to use only trusted Wi-Fi connections, limit how much personal information they divulge, check permissions, use unique passwords for each account, and stay up to date on patches and bug fixes. Business should also be sure to use mobile threat management tools, keep employees informed about potential risks, and act quickly when security breaches are discovered.

Tell Us What You Think


Posted: 2015-02-11 @ 10:29am PT
Just Android itself is a security threat.

Like Us on FacebookFollow Us on Twitter
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.