A big security fault has been found in the dating app Tinder and it has been exposed by the Indian hacker. Security researcher Anand Prakash has found the logic of logging in the Tinder through the Facebook account kit service. For this he has been given a reward of 5,000 dollars from Facebook. Tinder has also given a prize of $ 1250 to find them.
Anand Prakash has explained that the users who use the mobile number for the Tinder app as their user name could be affected by this bug. The hackers who used to log in to the Tinder app through their phone numbers were easy to hack and it was possible through the Facebook account kit.
Security researcher Anand Prakashan has interacted with us. They have told that with this shortfall, all the tinderers were in danger, who used to login their account with the mobile number. Although he said that it is difficult to tell how many people have hacked the account.
According to Anand Prakashan, both Tinder Web and Tinder Mobile app can log in via user mobile number. The log in service is provided by the Facebook account. The tender is redirected to accountkit.com only after logging in with the phone number. Accountant Tinder for the accountant is successful when the authentication is successful.
It is worth noting that Account Kit is a Facebook product that allows users to log in by registering in some apps via phone number. Login option is also available via email. However, this does not require a password and can be logged in any other application through the app and Anand Prakash has removed the same problem here.
Anand Prakashan gave information to Facebook and Tinder about this, after which the two companies corrected this bug and now it is not having such a problem.
Let me tell you that Anand Prakash has been looking for bugs in the tech companies like Facebook and Uber several times before and he has been receiving a reward from Facebook for this and the companies have also appreciated them.