Grindr Found To Have Frightening Security Flaw Leaking User's Private Information

Grindr has been exposed as having a concerning security breach, as it has been revealed that the app could allow users to pinpoint people's exact location. 

Grindr app on phone screen

It has been discovered that Grindr is guilty of a shocking security breach after a blog called Queer Europe, along with the help of another gay dating app called F*ckr, used a technique called trilateration to hack into the app’s API (Application Programming Interface).

They found that they were able to pinpoint Grindr user’s exact location.

Queer Europe posted a video to Twitter demonstrating how it was done, writing that “applications designed to locate Grindr Users are publicly available online.”

 

Upon the discovery, Queer Europe wrote on their website:

“While sitting behind my laptop, I could see in which restaurants he was eating, in which cafes he was drinking, and in which nightclubs he was dancing. I could also see that he went to the gay sauna at 1 am and then slept at a stranger’s house at 3 am. By making it so easy to track individuals with precision, Grindr makes its users extremely vulnerable to harassment and stalking.”

The Inquirer also reported that F*ckr users could “uncover up to 600 Grindr users within minutes.”

This is not the first time the app has been found to have major security flaws, as of March this year it was found that a site called C*ckblocked allowed users to “enter their Grindr info and see who had blocked them on the app.”

The developer of C*ckblocked, Trevor Faden, told NBC that he could then identify user’s locations, even if they had their location settings switched off, and that he could also view deleted pictures, unread messages and email addresses.

Similarly, it was discovered in 2014 that Grindr user’s exact locations could be identified, resulting in Grindr pulling out of countries such as Russia, Nigeria, Egypt, Iraq and Saudi Arabia, where it could be potentially life-threatening to be exposed as gay. Although, Queer Europe reported that it was still available in countries such as Algeria, Turkey, Belarus, Ethiopia, Qatar, Abu Dhabi, Oman, Azerbaijan, China, Malaysia and Indonesia, where being exposed as gay can be just as risky.

Since the exposé, F*ckr has been disabled by its host GitHub, while Grindr CEO Scott Chen made a statement, promising that the app “will continue trying to evolve and improve our platform.”

© 2018 GCN (Gay Community News). All rights reserved.

Support GCN

GCN has been a vital, free-of-charge information service for Ireland’s LGBTQ+ community since 1988.

During this global COVID pandemic, we like many other organisations have been impacted greatly in the way we can do business and produce. This means a temporary pause to our print publication and live events and so now more than ever we need your help to continue providing this community resource digitally.

GCN is a registered charity with a not-for-profit business model and we need your support. If you value having an independent LGBTQ+ media in Ireland, you can help from as little as €1.99 per month. Support Ireland’s free, independent LGBTQ+ media.

0 comments. Please sign in to comment.