Leaky server exposes users of dating site network


An internet database left exposed online with no password has leaked the private details of hundreds of thousands of users who signed up for online dating sites.

The leaky database, an Elasticsearch server, was discovered at the end of August by security researchers from vpnMentor.

The database was taken offline on September 3 after vpnMentor tracked down its owner to Mailfire, a company that provides online marketing tools.

vpnMentor researchers said the database stored copies of push notifications that various online sites had been sending to their users via Mailfire's push notification service.

Push notifications are real-time messages that companies can send to smartphone or browser users who agreed to receive such messages.

The leaky database stored more than 882 GB of log files pertaining to push notifications sent through Mailfire's service, with the logs being updated in real time as new notifications were sent out.

In total, vpnMentor said the log files contained details for 66 million individual notifications sent over the previous 96 hours, with personal details for hundreds of thousands of users.

vpnMentor, which analyzed the leaked data while searching for the database owner, said it found notifications belonging to more than 70 websites.

Among the sites were e-commerce stores and classified ad networks from Africa; however, the vast majority of notifications originated from domains linked to dating sites.

These dating sites promised men the chance to find a young female partner in various regions of the globe, such as Eastern Europe or Eastern Asia.

Most of these sites used similar-looking designs and, while using different domains, appeared to be part of a larger network.

Without a doubt, the notifications sent by this network of dating sites were just spam, trying to lure users back to the site by claiming that a new user had sent them a message.

But while spamming users with push notifications isn't really an issue, especially if the users agreed to receive these messages, the problem was that personal data was also involved.

According to copies of the exposed logs seen by ZDNet, the leaky Elasticsearch server did not only contain copies of the notifications; the records also included a "debug" section where personal information about the user receiving the notification was stored.

Some of the data we found in these debug fields included names, age, gender information, email addresses, general geographical locations, and IP addresses.

Furthermore, the notifications also contained links back to the user's profile, to be opened when the user clicked or tapped on the notification. These links also contained authentication keys, meaning anyone with the URL would have been able to access a user's profile on the dating site without needing a password.


Image: ZDNet

Anyone who found this database over the past few weeks would have been able to learn the identities of users who signed up on these dating sites and access their profiles to read private messages or see past connections.
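The two defects described above, personal data in a "debug" block and live authentication keys in profile links, both sit in records that were written to a log store. The following is an added example (not code from ZDNet, vpnMentor or Mailfire) of the sanitisation a notification service could apply before indexing such a record; the field and query-parameter names are assumed, since the article does not give them.

```python
import json
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

# Query-string parameters treated as credentials. The names are assumed; the
# article only says the profile links "contained authentication keys".
SECRET_PARAMS = {"auth", "auth_key", "token", "key", "session"}
# Debug fields holding personal data, per the article: names, age, gender,
# e-mail, approximate location, IP address. The key names are assumed.
PII_FIELDS = {"name", "age", "gender", "email", "location", "ip"}


def redact_url(url: str) -> str:
    """Replace the value of any credential-like query parameter with a marker,
    leaving the rest of the link (host, path, other parameters) intact."""
    parts = urlsplit(url)
    query = [(k, "REDACTED" if k.lower() in SECRET_PARAMS else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(query)))


def sanitize_record(record: dict) -> dict:
    """Return a copy of a notification log record that is safe to index in a
    shared log store: no PII in the debug block, no usable auth key in the link.
    The input record is not modified."""
    clean = dict(record)
    if isinstance(clean.get("url"), str):
        clean["url"] = redact_url(clean["url"])
    debug = clean.get("debug")
    if isinstance(debug, dict):
        clean["debug"] = {k: ("REDACTED" if k in PII_FIELDS else v)
                          for k, v in debug.items()}
    return clean


# Constructed sample record; not taken from the leaked server.
SAMPLE = {
    "site": "example-dating.invalid",
    "title": "You have a new message",
    "url": "https://example-dating.invalid/profile/123?auth_key=s3cr3t&ref=push",
    "debug": {"name": "Jane Doe", "age": 29, "gender": "F",
              "email": "jane@example.invalid", "location": "Lviv, UA",
              "ip": "203.0.113.7", "delivered": True},
}

if __name__ == "__main__":
    print(json.dumps(sanitize_record(SAMPLE), indent=2))
```

Redaction at write time is the check that matters here: once a record with a capability URL and a PII block has reached an unauthenticated index, no later access control on the index undoes the exposure.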

As vpnMentor researchers have pointed out, this leaky server was a disaster waiting to happen. If this data leaks online, the users of these sites would most likely face extortion attempts, similar to how Ashley Madison users faced blackmail attempts for years. Those extortion attempts took a severe toll on Ashley Madison users, with some taking their own lives after their private love life was exposed to the public.

Mailfire did not return a request for comment. Some of the dating sites that we found in the leaky server included Kismia, Julia Dates, Emily Dates, Asian Melodies, Ukrainian Charm, Asia Charm, JollyRomance, OneAmour, ValenTime, Rondevo, Victoria Brides, Loveeto, Oisecret, WetHunt, Cum2Date, Jolly.me, and many more.
