A major flaw has been found in the Mitron App.
Attackers can follow others using a hacked account and can also access activities like comments.
Not only this, the attackers can also follow others using a hacked account and can also access activities like comments. Expert Konkrale says that this flaw in the Friends app is only present in the initial login process, from where hackers take access to the user’s account without knowing the password and without any verification process.
(Also read – Xiaomi’s powerful smartphone with 64 megapixel camera is available cheaply, will get 4,500 mAh battery)
The report states that Friends does not use the Secure Sockets Layer (SSL) protocol for app login. This app allows users to login with their Google account. Despite this, it uses its own unique ID for the login process, not Google credentials. Kankrale has also made a video to explain it, which can be seen below.
Mitron has been bought from Pakistani software company!
This is the second time when something has been revealed about friends. Earlier it has been revealed that this app is not Made in India and it has been purchased from Pakistan Software Company. News18 found that the complete source code of the Friends app, which has all the features and user interfaces, has been purchased from the Pakistani software company Qboxus. According to Irfan Sheikh, founder and chief executive of Qboxus, his company has sold the source code of the app to the promoters of friends for $ 34 i.e. around Rs 2,600.