We were interested in what could be intercepted if, for example, the user connects to an unprotected wireless network; to carry out an attack it is sufficient for a cybercriminal to be on the same network. Even if the Wi-Fi traffic is encrypted, it can still be intercepted at an access point if that access point is controlled by a cybercriminal. The attack is based on a function that displays the distance to other users, usually to those whose profile is currently being viewed.
For example, Tinder, Paktor and Bumble for Android and the iOS version of Badoo upload photos via HTTP, i.e., in unencrypted form.
This is done using the authentication token the app receives from Facebook.
By modifying this request slightly – removing some of the original request and leaving the token – you can find out the name of the user in the Facebook account for any Happn users viewed.
If the app included an option to show your place of work, it was fairly easy to match the name of a user and their page on a social network.
This in turn could allow criminals to gather much more data about the victim, track their movements, and identify their circle of friends and acquaintances. Discovering a user's profile on a social network also means other app restrictions, such as the ban on users writing messages to each other, can be circumvented.