Tech

Anonymous Posters On Secret Social Media App Unmasked By Hackers Exploiting Flaw In Software

View Comments
Screen shots of Secret iOS app. (Apple/Secret)

Screen shots of Secret iOS app. (Apple/Secret)

Trending Now

mobile home park Anonymous Posters On Secret Social Media App Unmasked By Hackers Exploiting Flaw In Softwarehttp://sanfrancisco.cbslocal.com/2014/09/27/growing-list-of-norcal-communities-counties-running-out-of-water-in-just-60-days/

mustache thief Anonymous Posters On Secret Social Media App Unmasked By Hackers Exploiting Flaw In SoftwareAlleged Shoplifter Nicknamed ‘El Mustachio The Magician’ Arrested At Santa Cruz Costco

jung Anonymous Posters On Secret Social Media App Unmasked By Hackers Exploiting Flaw In SoftwareNotorious Ex-Cocaine Kingpin George Jung Out of Prison, Living In San Francisco

hail fall napa Anonymous Posters On Secret Social Media App Unmasked By Hackers Exploiting Flaw In SoftwareWild Weather: Lightning, Hail Strike Napa, Heavy Rain In North Bay

uber Anonymous Posters On Secret Social Media App Unmasked By Hackers Exploiting Flaw In SoftwareSan Francisco Uber Driver Charged With Attacking Passenger With Hammer

SAN FRANCISCO (CBS SF) — Users of the popular anonymous social media app Secret have been offering random confessions to their friends with the understanding that they won’t know who it is, a premise that was  shattered by hackers who demonstrated that Secret is not secret.

Benjamin Caudill and Bryan Seely, executives with Rhino Security Labs of Seattle, hacked into the app to demonstrate to San Francisco-based Secret the vulnerability in the program and in hopes of qualifying for Secret’s ‘bug bounty” program, according to Wired.

Secret shows a stream of posts from people in their contact lists and friends of those contacts. Caudill and Seely showed that by creating a number a Secret account populated by fake friend accounts along with one real friend, the real person would be identified whenever they posted.

Instead of trying to capitalize on the vulnerability, Caudill tweeted Secret’s co-founder Chrys Bader to alert him of the bug, which led to a meeting between Caudill and Byttow, Forbes magazine reported.

Secret claims is has since installed a patch to prevent anyone else from repeating the same hack.

“As near as we can tell this hasn’t been exploited in any meaningful way,” Secret CEO David Byttow told Wired. “But we have to take action to determine that.”

According to Wired, since Secret instituted the bug bounty program in February, the company has closed dozens of security holes identified by so-called “white hat” hackers.

Meanwhile, Secret also announced Friday it was cracking down on bullying by enabling what is known as sentiment analysis or opinion mining to flag harassing comments, along monitoring the comments that are flagged.

 

View Comments
blog comments powered by Disqus
Follow

Get every new post delivered to your Inbox.

Join 55,759 other followers