While mobile dating apps may seem like a convenient platform to jumpstart your love life, they are also a dream destination for ambitious stalkers, a new study has found. Researchers at Kaspersky Lab have discovered so many security vulnerabilities in popular dating apps, it’s almost like they were serving user data over to criminals on a platter.
In particular, Tinder, Mamba, Zoosk, Happn, WeChat, and Paktor were found to be most prone to having their location data hacked. “If the app included an option to show your place of work, it was fairly easy to match the name of a user and their page on a social network. This, in turn, could allow criminals to gather much more data about the victim, track their movements, identify their circle of friends and acquaintances,” Kaspersky Lab explains in a blog post, detailing how this data can be used to stalk the victim.
The attack based on geolocation data weakness uses a function of mobile dating apps which shows the user’s proximity to other app members. Now, to be clear, the apps don’t reveal in which direction the user whose profile is being viewed is from a particular location. And the process of determining that by moving around the victim and recording distance data can be quite tedious.
But it appears that the apps themselves are simplifying this task for criminals, the research says. “An attacker can remain in one place, while feeding fake coordinates to a service, each time receiving data about the distance to the profile owner.” The accuracy with which user location is shown varies from one app to the other. The less accurate an app is, the more measurements an attacker would need to make.
What is even more disturbing is that these findings come on the heels of a University of Washington study which concluded that a surprisingly modest budget of $1,000 is all it takes to exploit an individual’s online advertising network to track their location and learn what kind of apps they are using. Read more about that research here. And till the time dating apps tighten their security measures, Kaspersky Lab recommends avoiding public Wi-Fi access points and refraining from sharing any personally identifiable information, such as workplace, on a dating network.