• Viber's Apple App Store Description Defaced by Hackers

    This past week, the popular messenger Viber was hacked by the Syrian Electronic Army and the Support page was defaced as well with the message saying, “The Israeli-based – Viber is spying and tracking you.” It has recently been discovered that Viber’s Apple App Store description has been defaced as well, this time with a modified description reading “We created this app to spy on you, PLEASE DOWNLOAD IT!”

    It isn’t quite clear if the hack was also performed by the Syrian Electronic Army or not but it’s possible that hackers may have gained access to other various developer-facing functions. The company responded after a previous attack stating that one of its employee’s fell victim to a phishing attack and attackers could gain access to a customer support panel and support administration system, insisting that no sensitive user data had been exposed. The company released the following statement to the public:

    A few days ago a “hacker” was able to gain access to a couple of Viber.com email accounts via a phishing attack. This has since been fixed.

    Data they recovered allowed them to deface our support site and also gain access to our iTunes Connect account (App Store) at a level that allowed them to change the description text of our app – which they did a few days ago around the same time as the original defacement. We noticed this within minutes, fixed the metadata and removed this user (in fact, all users but one) from our iTunes Connect account.

    Unfortunately, on Saturday this happened again. Upon further investigation we realized this is a security issue in iTunes Connect. It seems that when you remove a user, if the user is logged in, then the user stays logged in. We hope Apple fixes this issue soon, as currently we have no way to permanently disconnect this user from our iTunes Connect. We have reached out to Apple regarding this issue and are waiting on their response.

    At this point, we want to reassure users, that this has no impact on the security of the Viber App, Viber System, our databases, user information, etc. It’s merely an unfortunate nuisance.
    We’ll have to see if the company has shaped up and secured itself from future attacks.

    Source: The Hacker News
    This article was originally published in forum thread: Viber's Apple App Store Description Defaced by Hackers started by Akshay Masand View original post
    Comments 5 Comments
    1. PokemonDesigner's Avatar
      PokemonDesigner -
      That is awesome. This is why I don't download apps like this.
    1. micro_master's Avatar
      micro_master -
      Viber does spy on you though. It's true lol
    1. HovikGas's Avatar
      HovikGas -
      Quote Originally Posted by micro_master View Post
      Viber does spy on you though. It's true lol
      Along the lines of all the NSA/PRISM stuff that's been in the news lately, or just them spying on us for their own shits and giggles?
    1. Reeiiko's Avatar
      Reeiiko -
      Viber devs falling for phishing attacks..
    1. slim.jim's Avatar
      slim.jim -
      Quote Originally Posted by Reeiiko View Post
      Viber devs falling for phishing attacks..
  • Connect With Us

  • Twitter Box

  • Facebook