Analyst Reveals LINE App Vulnerability, Billions Of User Messages Threatened

JAKARTA LINE, an encrypted Japanese application, is revealed to have many methods of attack for threat actors. This makes billions of messages in LINE vulnerable to leakage and data misuse.

This problem was highlighted by Takanori Nishiyama, SVP APAC and Japan Country Manager Keeper Security. Takanori mentioned a number of identified attack methods, ranging from message return, text presentation via stickers and URL preview, to imitulation through intermediate techniques.

On LINE, users have limitations in validating the server function. This provides opportunities for cybercriminals who want to exploit users. In addition, encrypted message data can be replayed out of context.

This finding shows a weakness in the design of a smooth protocol. This design can be used as a weapon, even in systems that are claimed to be safe. According to Takanori, companies and public organizations must consider this finding an early warning.

"The encryption alone is not enough," said Takanori, quoted on Saturday, November 29 in a statement received by VOI. He added that the server protocol and architecture must be validated and audited independently in a sustainable manner.

According to Takanori, the company must regulate its special access with very strict controls, ranging from strong authentication to session monitoring to reduce the risk of abuse of credentials. This action is perceived as being able to maintain operational integrity when the security environment is under pressure.

"It's about how the message is handled before leaving the device, how the message is processed across the service infrastructure, and whether the system design prevents the service provider itself from becoming the weakest link," explained Takanori.