Chingari developer website has malware, claims hacker - Tech 2 Asia

Breaking

Thursday, July 2, 2020

Chingari developer website has malware, claims hacker

TikTok’s rising alternative, Chingari, has been doing the rounds on social media crossing several million downloads in the last few days. However, a new report indicates that the website of the company behind the app has malicious content pinned to its webpages.

Robert Baptiste, a security researcher going by the twitter name Elliot Anderson said that the website of Globussoft, the company under which the Chingari app was incubated, has been compromised. He included a report of how the website has a drop script on all of its web pages meaning clicking on links inside will redirect the users to several websites that are linked backdoor.

While the app doesn’t have a connection to this issue, Robert expressed concerns saying if the application has similar security issues like the one on the website. Reacting to this, the co-founder of Chingari, Sumit Ghosh has said that the security of users on its website/app is not compromised.

He added that Chingari was developed under Globussoft and securely stored on AWS servers whose location is based at Mumbai. He has also assured that the wp security issue of the website will be fixed soon.

Further, a UI developer going by the Twitter name @CitizenK said that his Bitdefender which is a cybersecurity and antivirus software, was able to catch a trojan linked behind the Globussoft website. He expressed concerns saying that how can an app be trusted if the website behind it uses the devices for crypto mining.

Having said that, Chingari is yet to react to this. If we recall, the Indian Government had banned TikTok and 58 other applications in the country citing data theft and security reasons. Following this, Chingari, an app which is claimed to be developed indigenously has been gaining popularity passing 3.5 Million downloads in a day.

We will have to wait and see how the company reacts to the criticisms over the website of its developer in the future.

No comments:

Post a Comment