Critical Vulnerability Found In Mitron App Which Allows Account Takeovers

Cybersecurity researcher Rahul Kankrale found a flaw in the Mitron app that is critical and simple to exploit. The bug involves the app's login with Google, which asks users for permission to access their profile information.

Anyone who knows the target user's unique user ID can take control of the account easily. The bug is still unpatched (as of the time this article is published), allowing any attacker to take over a victim's account without any special skills.

The app's name, "Mitron", means "friends" in Hindi, and it was enough to attract a large number of users within a short time of its publicity. After TikTok drew the frustration of Indian users over data protection and some other legal and moral problems, the social media environment took over.

The Mitron App Has Been Removed From the Play Store for Policy Violation

“We don't allow apps that merely provide the same experience as other apps already on Google Play. Apps should provide value to users through the creation of unique content or services,” the policy reads. It also states that the app should provide a “basic degree of functionality and a respectful user experience.”

The Mitron app is said to be a clone of TikTok, and Pakistani developers purchased the source code of its software.