Categories: Security

Secure Chat App Crypto Has Serious Security Issues

In the age of creative viruses and phishing scams, you should make efforts to protect your privacy and personal information online, in addition to securing your various devices. This means that you should regularly scan your devices for malware, to make sure that you catch any of the latest threats before they can do any damage. Use DFNDR’s Full Virus Scan to check your smartphone and SD card for malware:

From cloud-based messaging to encrypted messaging apps, plenty of apps are aiming to fill this interest in privacy with new and innovative tools. But one app that aims to protect your privacy in fact does the opposite: it puts you more at risk. Here we’ll talk about the Crypto app — and other encryption apps — and describe why they’re actually putting your privacy at risk.

What is the Crypto App?

Crypto turns whatever you type into a hash code. A hash code is a series of letters, numbers, and symbols that encrypt the text until a user wants to translate it back to plain text. Crypto helps you to encrypt your text messages and passwords so no one can read them without permission.

Is Crypto the First App of its Kind?

No, there have been plenty of apps that encrypt messages this way or offer different kinds of text protection. For example, the app Confide has allegedly been used by White House and Washington D.C. Republicans to exchange messages without the possibility of leaks. Confide works by self-destructing messages after a certain length of time.

What’s Wrong With Encrypted Apps?

Experts don’t like encrypted apps like Crypto and Confide because, according to them, the app makers haven’t allowed third-parties to examine the code. That means that these apps can be — and often are — susceptible to vulnerabilities. When examined by an outside auditor, the Confide app, for example, was found to have vulnerabilities that had existed for three years. These vulnerabilities are a problem because so many use these apps to send personal and private information that they don’t want to be discovered.

The problems with the hottest new encryption apps, like Crypto right now, are that they often want to roll out so quickly that they don’t have any oversight over the code that they’re producing. That means that a similar problem with vulnerabilities like Confide could happen to any of these new “secure” messaging apps. Remember, audits are important.

PSafe Newsroom

The dfndr blog is an informative channel that presents exclusive content on security and privacy in the mobile and business world, with tips to keep users protected. Populated by a select group of expert reporters, the channel has a partnership with dfndr lab's security team. Together they bring you, first-notice news about attacks, scams, internet vulnerabilities, malware and everything affecting cybersecurity.