Popular Dating App MobiFriends Hacked; Hackers Expose Data of Nearly 3.5 million MobiFriends users
The emails, hashed passwords, and usernames of 3.5 million users of MobiFriends were put up for sale on Dark Web Hacker Forum
If you are using MobiFriends to date, you should take this news seriously. The credentials of a whopping 3.5 million users of the popular dating App, MobiFriends are being sold on a Dark Web hacker forum according to researchers.
What is MobiFriends
MobiFriends is an online dating service helping lovers to meet online. It has a very popular Android App which has been downloaded by nearly 500,000 users. It has been developed by Barcelona-based developer MobiFriends Solutions and is very popular in Europe.
The personal details of 3,688,060 users registered on the MobiFriends dating app have been posted online earlier this year and are now available for download. According to researchers at Risk Based Security, the Mobifriends data trove of 3.5 million users seems to come from the January 2019 data breach incident. The leaked data include dates of birth, genders, website activity, mobile numbers, usernames, email addresses, and MD5 hashed passwords.
In the meantime, the MobiFriends data was leaked by some hackers last month in the public domain. Roy Bass, the senior dark web analyst at Risk Based Security (RBS), told Threatpost the posting came from a reliable source. Bass said that researchers verified the data against the MobiFriends official website and found the data to be accurate.
The users dating using MobiFriends would be relieved to hear that the data does not contain any private messages, images, or sexual-related content. The data, however, contains passwords secured with MD5 hash which can be easily cracked by any hacker to obtain a cleartext version.
The data cache has been put up for sale on a Dark Web hacker forum on Jan. 12 by a hacker who uses the handle “DonJuji,” according to RBS.
MobiFriends has neither accepted the January 2019 data breach incident nor the Data leak that happened in Jan 2020. It has also refused to comment on the current incident.