. home.aspx



Love Bug Found in OkCupid Android App

February 14, 2019 / Kacy Zurkus

Only days after Infosecurity reported that OkCupid users said their accounts had been hacked, Checkmarx disclosed that the OkCupid Android App actually posed risks because of security failures in MagicLinks. It’s well known that malicious actors love to exploit a good holiday, which puts users at risk on Valentine’s Day. To identify any potential vulnerabilities, researchers dove into the popular Android dating app only to discover that attackers could easily gain access to user information, including personal contact information such as email aliases, names, genders, dates of birth and locations. In addition, researchers found that they could gain access to a user’s dating preferences, such as whether they’re looking to hook up, find new friends, and date short or long term and whether they’re open to non-monogamy. According to researchers, most of the URLs that pass through the app are not vulnerable because OkCupid uses WebView, yet some URLs are design...