Hacker's Warning: Grindr Bug IDs Users' Exact Locations
A hacker has sent warning messages to over 100,00 users worldwide of the popular hookup app Grindr, claiming that a flaw in the app allows the exact locations of users to be determined, UK GLBT news site Pink News reported on August 22.
The hacker or hackers behind the claim made an effort to warn users living in countries with anti-gay laws, according to a an Aug. 20 posting at the source Pink News referred to, tech news site NDTV.
The party behind the warning messages "claims to have used a secondary flaw to be able to send messages to over 100,000 users in 70 countries with anti-gay laws," NDTV reported. "The messages and posts express concern that Grindr users might be targeted, persecuted or even murdered."
The NDTV post said that the hackers had also posted news of the app's alleged flaw at various social media sites, including YouTube and Pastebin text dump.
One such notification at Pastebin took Grindr to task, claiming, "officials at Grindr have been informed several times within the past months about these issues, which would seem to imply that the concept of 'social responsibility' is lost upon Grindr.... Knowing that Grindr-Users in countries such as these are being put unnecessarily at a high risk should be reason enough for Grindr to change its system."
The Pastebin posting added, "Geo-based (dating) apps use the location of every user to show distances to each other. Using the same process as GPS satellites, it is possible for a malicious entity to perform a lateration, sending distance-requests from three different points and using the responses to calculate the exact position of a particular user."