Security Flaw In Israeli Propaganda App Exposed User Data
An app designed to help users spread pro-Israel messages on social media contained a security flaw that exposed the email addresses of its users, The Intercept reported Friday.
Act.il was developed by three pro-Israel groups that receive funding from Las Vegas billionaire Sheldon Adelson. It has been a pet obsession of Israeli Minister of Strategic Affairs Gilad Erdan.
Act.il is essentially a social media app with a video game-like experience: users earn points for completing “missions.” These missions can include reporting the presence of anti-Semitic imagery on Facebook, posting about Israeli military cooperation with other Western militaries and pointing out news and commentary perceived as anti-Israel.
“I was shocked to find that email addresses for users were being shared across the Internet whenever a search is performed,” an anonymous security researcher told The Intercept.
The researcher reported that anyone with rudimentary knowledge of computer code could obtain a log of the email addresses of all the app’s users. The Intercept informed the app’s developer, Rallyware, of the security flaw. Rallyware later fixed the issue.
Contact Ari Feldman at [email protected] or on Twitter @aefeldman.
A message from our editor-in-chief Jodi Rudoren
We're building on 127 years of independent journalism to help you develop deeper connections to what it means to be Jewish today.
With so much at stake for the Jewish people right now — war, rising antisemitism, a high-stakes U.S. presidential election — American Jews depend on the Forward's perspective, integrity and courage.
— Jodi Rudoren, Editor-in-Chief