Security Flaw In Israeli Propaganda App Exposed User Data
An app designed to help users spread pro-Israel messages on social media contained a security flaw that exposed the email addresses of its users, The Intercept reported Friday.
Act.il was developed by three pro-Israel groups that receive funding from Las Vegas billionaire Sheldon Adelson. It has been a pet obsession of Israeli Minister of Strategic Affairs Gilad Erdan.
Act.il is essentially a social media app with a video game-like experience: users earn points for completing “missions.” These missions can include reporting the presence of anti-Semitic imagery on Facebook, posting about Israeli military cooperation with other Western militaries and pointing out news and commentary perceived as anti-Israel.
“I was shocked to find that email addresses for users were being shared across the Internet whenever a search is performed,” an anonymous security researcher told The Intercept.
The researcher reported that anyone with rudimentary knowledge of computer code could obtain a log of the email addresses of all the app’s users. The Intercept informed the app’s developer, Rallyware, of the security flaw. Rallyware later fixed the issue.
Contact Ari Feldman at [email protected] or on Twitter @aefeldman.
A message from our CEO & publisher Rachel Fishman Feddersen
I hope you appreciated this article. Before you go, I’d like to ask you to please support the Forward’s award-winning, nonprofit journalism during this critical time.
At a time when other newsrooms are closing or cutting back, the Forward has removed its paywall and invested additional resources to report on the ground from Israel and around the U.S. on the impact of the war, rising antisemitism and polarized discourse..
Readers like you make it all possible. Support our work by becoming a Forward Member and connect with our journalism and your community.
— Rachel Fishman Feddersen, Publisher and CEO