11.6 C
London
Sunday, November 27, 2022

Messaging app JusTalk distributes millions of unencrypted messages – londonbusinessblog.com

Must read

Best early Cyber ​​Monday 2022 TV deals you can get: LG OLED, TCL QLED and more

Black Friday and Cyber ​​Monday are great opportunities to get the 4K TV of your dreams for a lower price than usual. These...

Guidelines for organizing and leading successful meetings

When it comes to leadership and management, leaders sometimes ignore meeting management. Meetings that are productive are no coincidence. Calendar - Calendar Meetings that are...

Who is Maël Lucas from “Love without limits”?

Love Without Borders is a brand new reality TV series airing on Bravo in a few days. The next reality dating series follows...

Alisa Mote Facts On Kye Kelley’s Ex Wife: Who Is Mote Dating?

Alice Mote is the ex-wife of a TV star and well-known drag racer Ky Kelley. Her former husband Kye is also a member...
Shreya Christinahttps://londonbusinessblog.com
Shreya has been with londonbusinessblog.com for 3 years, writing copy for client websites, blog posts, EDMs and other mediums to engage readers and encourage action. By collaborating with clients, our SEO manager and the wider londonbusinessblog.com team, Shreya seeks to understand an audience before creating memorable, persuasive copy.

The popular video calling and messaging app JusTalk claims to be both secure and encrypted. But a security flaw has proven that the app is not safe or encrypted after a huge cache of unencrypted private messages from users was found online.

The messaging app is widely used in Asia and has a growing international audience with 20 million users worldwide. Google Play Lists JusTalk Kidsbilled as its kid-friendly and compatible version of its messaging app, with over 1 million Android downloads.

JusTalk says both apps are end-to-end encrypted — where only the people in the conversation can read the messages — and boasts on its website that “only you and the person you’re communicating with can see, read, or listen to them: not even the JusTalk team can access your data!”

But an overview of the massive cache of internal data seen by londonbusinessblog.com proves those claims untrue. The data includes millions of JusTalk user messages, along with the exact date and time they were sent and the phone numbers of both the sender and recipient. The data also includes records of calls made through the app.

Security Investigator Anurag Sen found the data this week and asked londonbusinessblog.com for help reporting to the company. Juphoon, the China-based cloud company behind the messaging app, said it launched the service in 2016 and is now owned and operated by Ningbo Jus, a company that seems part the same office as listed on the Juphoon website. But despite multiple attempts to reach JusTalk founder Leo Lv and other executives, our emails were not acknowledged or returned, and the company made no attempt to fix the leak. A text to Lv’s phone was marked as delivered but not read.

Because every message in the data contained every phone number in the same chat, it was possible to follow entire conversations, including children who used the JusTalk Kids app to chat with their parents.

The internal data also includes the detailed locations of thousands of users collected on users’ phones, with large clusters of users in the United States, United Kingdom, India, Saudi Arabia, Thailand and mainland China.

According to Sen, the data also includes records from a third-party app, JusTalk 2nd phone number, which allows users to generate virtual, ephemeral phone numbers to use instead of giving out their private mobile phone number. A review of some of these records reveals both the user’s cell phone number and any ephemeral phone number they generated.

We are not disclosing where or how the data is available, but are advocating disclosure after finding evidence that Sen was not alone in discovering the data.

This is the latest in a wave of data breaches in China. Earlier this month, a massive database of some 1 billion Chinese residents was siphoned off from a Shanghai Police Department database stored in Alibaba’s cloud and portions of the data were published online. Beijing has not yet publicly commented on the leak, but references to the social media breach have been widely censored.


More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Best early Cyber ​​Monday 2022 TV deals you can get: LG OLED, TCL QLED and more

Black Friday and Cyber ​​Monday are great opportunities to get the 4K TV of your dreams for a lower price than usual. These...

Guidelines for organizing and leading successful meetings

When it comes to leadership and management, leaders sometimes ignore meeting management. Meetings that are productive are no coincidence. Calendar - Calendar Meetings that are...

Who is Maël Lucas from “Love without limits”?

Love Without Borders is a brand new reality TV series airing on Bravo in a few days. The next reality dating series follows...

Alisa Mote Facts On Kye Kelley’s Ex Wife: Who Is Mote Dating?

Alice Mote is the ex-wife of a TV star and well-known drag racer Ky Kelley. Her former husband Kye is also a member...

Holiday travel with Covid, RSV and flu means it’s time to bring back mask mandates

Going into the holiday season last year, rising Covid-19 cases overwhelmed hospitals. This year, hospitals are overwhelmed by a combination of Covid, respiratory...