BreachExchange mailing list archives
French security researcher claims Twitter's desi rival Koo is 'leaking' personal data of users
From: Destry Winant <destry () riskbasedsecurity com>
Date: Mon, 15 Feb 2021 09:24:27 -0600
https://www.businessinsider.in/tech/apps/news/twitter-alternative-indians-app-koo-is-exposing-personal-data-of-users-as-per-french-researcher/articleshow/80842475.cms Koo app is reportedly exposing personal data of users, according to a French security researcher. Koo is a desi alternative to Twitter and allows its users to post short messages just like Twitter. According to Robert Baptiste who goes by the pseudonym Elliot Alderson (@fs0c131y), Koo is exposing sensitive user information like email address, date of birth, gender and marital status. Baptiste has, in the past, exposed flaws in various government apps and websites, including the government-mandated Aarogya Setu app, which the Indian authorities have vehemently refuted. He posted his findings on Twitter, including screenshots of the code he analyzed. According to him, Koo has a domain registered in the US, but the registrant of the domain is based in China. The founders recently admitted to having a Chinese investor who, they said, would be bought out. We have reached out to Koo for a comment on the matter and will update the story with their statement when we receive it. Koo’s co-founder Aprameya Radhakrishna took to Twitter to downplay the ‘leak’. Koo is being backed by Indian ministers as an alternative to Twitter Koo has gained popularity of late after India’s ministers and pro-government activists started a #BanTwitter campaign on Twitter. They also started promoting Koo, which also saw Indian ministers like Piyush Goyal chip in with a tweet nudging his followers to join him on the app. Prime Minister Narendra Modi also promoted Koo in one of his monthly addresses to the people. The app also won the government’s Digital India AtmaNirbhar Bharat Innovate Challenge in 2020. The 10-month-old app has over 3 million downloads now, registering 10x growth since December, 2020. _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- French security researcher claims Twitter's desi rival Koo is 'leaking' personal data of users Destry Winant (Feb 15)