Yo App Ranked in College Top 10 App Store in the US

Just yesterday , the news was published on Habré about the simple "Yo" application, which suddenly became popular. This app made it into the top 10 App Store apps in the US, plus received $ 1 million in investments.

The application was even noted by Elon Musk, who called him the best messenger (this message is already worn, but the Internet remembers everything, yes):



Well, today it turned out that the application has already been hacked by three college students.

Hacking allows, firstly, to find out the phone number of any user of the application (crackers have already learned the phone number of the creator of the application, and talked to him). Secondly, they can send "Yo" in any quantity to any user. Thirdly, hacking allows you to send a push notification to any user with any text (the guys decided not to do this).

In general, crackers have already informed the author of the application about the problem, and he confirmed the fact of hacking to Techcrunch. Now the developer is trying to eliminate the vulnerabilities of the application, although it is not clear exactly which vulnerability can lead to the above hacking.

Nevertheless, the author of the application promises to solve the problem "in just a few hours."

By the way, yesterday another user of the application, taking the nickname “ELONMUSK”, created a “storm in a glass”, forcing other users to believe that Elon Musk was sending messages to these users. Of course, immediately a bunch of joyful tweets like “Elon Musk sent me Yo!” Appeared:



This is social engineering, not the application’s vulnerability, here the author describes how everything was done (English).

Via techcrunch