Latest app store hit, the Yo messaging app, suffers spoofing and spam hacks
An app which has become one of the hottest downloads on the Apple App Store and Google Play Store has been found to be struggling from “security issues”. TechCrunch reports that the simple ‘Yo’ messaging app can be hacked in a number of ways so that user details can be harvested, users can be spoofed and also users can be spammed with messages.
Yo hit the news earlier in the week when it became clear it was the latest app to become a huge viral hit, seemingly without reason… The Yo app simply allows users to send a message saying ‘Yo’ to their friends – that is all. The app has been downloaded hundreds of thousands of times already. Illustrating its tidal wave success, the team behind the app announced that over 3.5 million Yos were sent between users on Thursday (see the Tweet below).
We wanted to tweet when we hit 1m Yos in one day… We blinked and yesterday we had 3,761,542 Yos sent in one day…
— Yo (@YoAppStatus) June 20, 2014
So what’s the grey cloud surrounding this silver lining? TechCrunch heard from a Georgia Tech student who has hacked the app with the following results: “We can get any Yo user’s phone number (I actually texted the founder, and he called me back). We can spoof Yo’s from any users, and we can spam any user with as many Yo. We could also send any Yo user a push notification with any text we want (though we decided not to do that)”.
This hack news has been updated with word from the developers that they have already fixed some of the holes in their product while other issues are still being worked on. Furthermore outside help in the form of a “specialist security team” has been brought in. However I reckon couple of such security holes aren’t bad for an app which took just “eight hours to create,” according to the BBC.
Predictably Yo’s success has sparked a flood of clones resulting in similar but different useless messaging apps hoping to cash-in. Looking at this situation positively, some of the alternatives might offer much better security.
Are any reader’s dismayed by the popularity of such obviously gimmicky apps and long for the good old days when utilities such as the Hodor Keyboard hit the headlines? Let us know in the comments below.