Security Researchers Find Bugs in Moovit App, Hackers Can Access Users' Credit Cards
JAKARTA - Not long ago, a cybersecurity researcher Omer Attias at SafeBreach revealed a vulnerability in the Moovit app, which would allow users to lose their accounts and personal data.
Attias also said that the three vulnerabilities allowed him to gather registration information for new Moovit users from around the world including cell phone numbers, email addresses, home addresses, and the last four digits of a credit card.
The worst part is, a bug could have allowed him to take over someone else's account, and as a result their credit card could be freely used by the hacker.
Moovit is a Google Maps-like travel app that started Israel. This application allows users to find routes and view public transportation systems that they can use to get to their destination. The application can also be used to buy and use tickets.
Speaking to TechCrunch, Attias said that the impact of this vulnerability has the potential to be large. Attias said that he had reported all the bugs found to the company in September 2022, and the company then fixed them.
اقرأ أيضا:
Moovit was aware of and fixed the issue when it was reported, and is taking immediate steps to resolve the correction of the issue, Moovit spokesperson Sharon Kaslassi told TechCrunch.
However, Moovit says there is no evidence that malicious hackers found and exploited this bug. Because until now, no credit card information has been exposed because Moovit and Moovit-Pango do not store user credit card information.