Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyber Insurance

Cybercriminals Already Targeting, Selling Leaked GO SMS Pro Data

Cybercriminals have been observed targeting a recently disclosed vulnerability in the GO SMS Pro messaging application to steal user data.

Cybercriminals have been observed targeting a recently disclosed vulnerability in the GO SMS Pro messaging application to steal user data.

The issue, Trustwave revealed a couple of weeks ago, is that users’ media messages are stored insecurely on a publicly accessible server, exposing them to unauthenticated attackers.

Whenever a user attempts to send a media file, Trustwave’s SpiderLabs security researchers discovered, the application would generate a URL that can be easily guessed and which does not require authentication to access the shared media.

Minor scripting can be used to target the unprotected media files and exfiltrate them, and Trustwave now says that threat actors are publicly sharing tools and scripts exploiting the bug.

“Several popular tools are updating daily and on their third or fourth revision. We’ve also seen underground forums sharing images downloaded from GO SMS servers directly,” Trustwave says.

Not all media can be linked to specific users, but some of the shared images and videos do include people’s faces, names, and other identifying characteristics, thus representing a major privacy breach.

Another issue that Trustwave underlined was the app developer’s unwillingness to cooperate with its researchers to address the security hole.

However, it appears that the developer did attempt to address the issue, an application version uploaded to Google Play on November 23 reveals. However, analysis of the app showed that a complete fix hasn’t been deployed yet.

Advertisement. Scroll to continue reading.

The developer initially disabled the option to send media files using the app. Soon after, the capability was re-enabled, although the media did not appear to be delivered to the recipient.

“Despite these half fixes, we can confirm that older media used to verify the original vulnerability is still available. That includes quite a bit of sensitive data like driver’s licenses, health insurance account numbers, legal documents, and of course, pictures of a more ‘romantic’ nature,” Trustwave says.

SecurityWeek has once again attempted to contact GO SMS Pro’s developer for an official comment on the matter but received no reply as of yet.

Related: GO SMS Pro Exposes Messages of Millions of Users

Related: Photos of 6.8 Million Facebook Users Exposed by API Bug

Related: UK Printing Company Exposed Military Documents

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...