The “Yo” app, which has entered the top 10 App Store apps in the US, has been hacked by college students

Only yesterday on Habré was published the news about the unpretentious application "Yo", which suddenly became popular. This app hit the top 10 App Store apps in the US, plus it received a $ 1 million investment.

The application was even noted by Elon Musk, who called him the best messenger (this message has already been erased, but the Internet remembers everything, yes):
')


Well, today it turned out that the application has already been hacked by three college students.

Hacking allows, firstly, to find out the phone number of any user of the application (hackers have already learned the phone number of the creator of the application, and talked to him). Secondly, they can send “Yo” in any quantity to any user. Thirdly, hacking allows you to send a push notification to any user, with any text (the guys decided not to).

In general, hackers have already reported the problem to the author of the application, and he confirmed the fact of hacking by Techcrunch. Now the developer is trying to eliminate the vulnerabilities of the application, although it is not clear exactly what kind of vulnerability could lead to the above-mentioned cracking.

Nevertheless, the author of the application promises to solve the problem "within a few hours."

By the way, yesterday, another user of the application, taking his nickname "ELONMUSK", created a "storm in the glass", forcing other users to believe that Elon Musk sends messages to these users. Of course, a bunch of joyful tweets like “Elon Musk sent me Yo!” Immediately appeared:



This is social engineering, and not the vulnerability of the application, here the author describes how everything was done (English).

Via techcrunch