comScore
Active Stocks
Thu Nov 30 2023 12:01:50
  1. Reliance Industries share price
  2. 2,385.3 -0.63%
  1. Tata Motors share price
  2. 699.8 -1.73%
  1. Tata Steel share price
  2. 128.45 0.59%
  1. ICICI Bank share price
  2. 931.75 -0.81%
  1. HDFC Bank share price
  2. 1,545.2 -0.9%
Business News/ Technology / Gadgets/  Security flaw in Indian short video platform Chingari allows hackers access to user accounts
Back Back

Security flaw in Indian short video platform Chingari allows hackers access to user accounts

 Prasid Banerjee

Attackers could use the vulnerability to gain access to their accounts and change their account settings or even upload content on their behalf.

Photo: TwitterPremium
Photo: Twitter

A security flaw has been found in Indian short-video app, Chingari, which has garnered millions of downloads following the Indian government’s ban of TikTok and 58 other Chinese apps. Girish Kumar, who works at cybersecurity firm Encode, demonstrated the vulnerability via a video on YouTube, showing how attackers could take over user accounts by exploiting it.

Kumar told HackerNews, which first reported the vulnerability, that targeted users did not need to be involved in order for the hack to work. Attackers could use the vulnerability to gain access to their accounts and change their account settings or even upload content on their behalf.


The company acknowledged the flaw and said it has addressed and patched the same in the 24 hours since it was notified about it. The flaw was in version 2.4.0 and below of the app, according to the company’s statement. “We have pushed updates on both Play Store and App Store with fixes," the company said. The updates are still pending for approval by Google and Apple.

The company also said that the affected versions may stop working since the company has shut down the application programming interfaces (APIs) associated with them. “It is advisable to update the app to the latest version. Rest assured that your sensitive data like email etc. are not compromised. No user data was compromised due to this vulnerability," the statement said.

Chingari is amongst the many Indian apps that have benefitted from the ban on TikTok and accompanying Chinese apps by the Indian government. The company has amassed over 19 million downloads in under two weeks. Its founder, Sumit Ghosh, had earlier told Mint that the company is enroute to raising funds right now.

Another Indian clone of TikTok, Mitron, had also been found to be vulnerable back in May. Like Chingari, that vulnerability also allowed attackers to log in to a user’s account without their intervention.


..

Milestone Alert!
Livemint tops charts as the fastest growing news website in the world 🌏 Click here to know more.

ABOUT THE AUTHOR
Prasid Banerjee
An engineering dropout, Prasid Banerjee has reported on technology in India for various publications. He reports on technology through text and audio, focusing on its core aspects, like consumer impact, policy and the future.
Related Premium Stories
Catch all the Technology News and Updates on Live Mint. Download The Mint News App to get Daily Market Updates & Live Business News.
More Less
Updated: 11 Jul 2020, 09:45 PM IST
OPEN IN APP
Next Story footLogo
Recommended For You

Wait for it…

Log in to our website to save your bookmarks. It'll just take a moment.

Yes, Continue

You are just one step away from creating your watchlist!

Login Now

Wait for it…

Oops! Looks like you have exceeded the limit to bookmark the image. Remove some to bookmark this image.

Your session has expired, please login again.

Yes, Continue
Switch to the Mint app for fast and personalized news - Get App