How dating app vulnerabilities can put enterprises at risk


Vulnerabilities in dating apps can not only put enterprises at risk but also could jeopardize enterprise BYOD models says a survey conducted by Kaspersky. The study made by the Russian Cybersecurity firm has examined 9 such apps and came to the conclusion that they are susceptible to man-in-the-middle attacks putting sensitive info at risk.

Security experts argue that if a dating app security vulnerability is exploited on a BYOD, then it can not only help hackers intercept info on the device but can also make way to sensitive info that could put an entire enterprise at risk.

Additionally, the study also found that some social media apps such as Facebook and Twitter were trying to fetch info from popular dating apps to endorse a user’s relationship status on their respective platform.

“Our research confirms that a lot of apps leak usernames and passwords which could push a corporate network into deep trouble as most of the employees in corporate world use the same password across the business and personal websites”, said Micheal Covington, Vice President of London based enterprise mobile security firm Wandera.

In most cases, it’s not the user who is at risk, but is the app which gathers more info than required like location services, access to microphone or camera or contacts and in rare cases emails added Micheal Covington.

“It’s not only the dating apps which are at risk. But any app installed on the device will somehow to initiate some level of risk”, says Bob Kelly, Senior Product Manager at Flexera Software.

As dating apps are more popular for holding a sheer amount of info such as personal data, they can impose a perceived risk to enterprise networks says a report compiled by IBM.

The technology giant also states that a microphone or a camera can also be turned on remotely via susceptible dating apps and so the risk doubles in this segment.

Know more such risks posed by Dating apps…? Then you can add your points in the comments section below.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display