Security Flaw In Israeli Propaganda App Exposed User Data
An app designed to help users spread pro-Israel messages on social media contained a security flaw that exposed the email addresses of its users, The Intercept reported Friday.
Act.il was developed by three pro-Israel groups that receive funding from Las Vegas billionaire Sheldon Adelson. It has been a pet obsession of Israeli Minister of Strategic Affairs Gilad Erdan.
Act.il is essentially a social media app with a video game-like experience: users earn points for completing “missions.” These missions can include reporting the presence of anti-Semitic imagery on Facebook, posting about Israeli military cooperation with other Western militaries and pointing out news and commentary perceived as anti-Israel.
“I was shocked to find that email addresses for users were being shared across the Internet whenever a search is performed,” an anonymous security researcher told The Intercept.
The researcher reported that anyone with rudimentary knowledge of computer code could obtain a log of the email addresses of all the app’s users. The Intercept informed the app’s developer, Rallyware, of the security flaw. Rallyware later fixed the issue.
Contact Ari Feldman at [email protected] or on Twitter @aefeldman.
A message from our Publisher & CEO Rachel Fishman Feddersen
I hope you appreciated this article. Before you go, I’d like to ask you to please support the Forward’s award-winning, nonprofit journalism during this critical time.
We’ve set a goal to raise $260,000 by December 31. That’s an ambitious goal, but one that will give us the resources we need to invest in the high quality news, opinion, analysis and cultural coverage that isn’t available anywhere else.
If you feel inspired to make an impact, now is the time to give something back. Join us as a member at your most generous level.
— Rachel Fishman Feddersen, Publisher and CEO