Researcher rates Redmond after rapid responds to rathole reveal in Group TXTing app
By Darren Pauli, 31 Oct 2014 Microsoft has patched a simple 'full-account takeover' flaw in its popular iOS and Android messaging client GroupMe.The app once described as "utterly indispensable" had of 2012 processed a whopping 550 million messages a month, and was downloaded 76,000 times from Google's Play Store.
New York hacker Dylan Saccomanni said in a post the service's iOS app contained a flaw allowing account take over for any targeted number.
"A critical vulnerability related to mobile phone SMS verification in the iOS application allowed for account takeover provided you knew your target's phone number," Saccomanni said.
Full Article