Forgot your password?
typodupeerror
Security Communications Software

WeChat IM Application Could Disclose Your Password To Attackers 49

Posted by Soulskill
from the conveniently-facilitates-account-sharing dept.
New submitter soulflyz writes "Security researchers found some security issues in WeChat, a popular instant messaging application developed by the Chinese company Tencet. By exploiting these vulnerabilities, any other application installed on the user's phone can force WeChat to send the user's password hash (in plain MD5 format) to an external web server, controlled by the attacker. Android versions of WeChat up to 4.5.1 are confirmed to be vulnerable, but similar issues could interest also other versions of the application. According to recent statistics, WeChat should have about 300 million registered users."
This discussion has been archived. No new comments can be posted.

WeChat IM Application Could Disclose Your Password To Attackers

Comments Filter:

A bug in the code is worth two in the documentation.

Working...