The Mitron app, the Indian version of TikTok, grew in popularity with the anti-TikTok sentiment that spread like wildfire across India. Many users flocked to this new "Indian-made" app intending to boycott the Chinese app. Mitron, like TikTok, offered users a similar experience of viewing and sharing short video clips, but it drew a lot of negative press after its origin was traced back to Pakistan, in addition to its founder's lack of digital presence.
Mitron's security flaws explained
In an advisory note dated June 2, the Maharashtra Cyber cell described a critical vulnerability in the Mitron app and advised millions of users to uninstall the app, as it poses a serious security threat to personal information and data.
As per the advisory, the vulnerability lets hackers easily take control of users' accounts. The cyber cell pointed out that the app uses the "Login with Google" feature to sign up but doesn't use or create any secret tokens for authentication. Shockingly, anyone can log in to a Mitron account using only the unique user ID, which can be read from the page source, without needing a password.
Additionally, the Mitron app does not use the SSL protocol for login. Hackers could easily take control of accounts, send messages, follow others and even comment without the account holder's permission.
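The missing secret token described in the advisory can be illustrated with a server-side sketch that places the weak check beside a hardened one. This is an added example, not Mitron's code: the function names, the sample users and the HMAC-signed session token are assumptions, and `issue_session` is assumed to run only after the server has verified the Google sign-in.

```python
import hashlib
import hmac
import secrets
import time

# Constructed sample data; user IDs are treated as public values.
USERS = {"1001": "alice", "1002": "bob"}
SERVER_KEY = secrets.token_bytes(32)  # secret known only to the server


def _mac(payload):
    return hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()


def login_weak(user_id):
    """Pattern from the advisory: the public user ID is the only credential."""
    return USERS.get(user_id)


def issue_session(user_id, ttl=3600, now=None):
    """Issue 'user_id.expiry.mac' after the identity provider sign-in is verified."""
    start = now if now is not None else time.time()
    payload = f"{user_id}.{int(start + ttl)}"
    return f"{payload}.{_mac(payload)}"


def login_hardened(token, now=None):
    """Accept only an unexpired token whose MAC was produced with SERVER_KEY."""
    try:
        user_id, expires, tag = token.split(".")
        expires_at = int(expires)
    except (AttributeError, ValueError):
        return None  # malformed token, e.g. a bare user ID
    expected = _mac(f"{user_id}.{expires}")
    # Constant-time comparison avoids leaking how much of the tag matched.
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return None
    if expires_at < (now if now is not None else time.time()):
        return None
    return USERS.get(user_id)
```

Such a token only protects the account if it travels over TLS, which is the second gap the advisory lists.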
Why uninstall Mitron?
Those who value privacy should take this step. "As a precautionary measure, users are advised to uninstall this app as it can put your personal information and data at risk," the cyber cell warned.