Maharashtra Cyber cell has issued an advisory for users of TikTok rival app ‘Mitron’. The advisory warns the users about how the app is vulnerable and hackers can easily access accounts. The advisory was posted on tweeter by the cyber cell and stated that anyone can gain access to the Mitron account by only entering the user ID.
Meanwhile, Mitron app was removed from the Google Play Store for not following its security guidelines.
The Google policy states "We don't allow apps that merely provide the same experience as other apps already on Google Play. Apps should provide value to users through the creation of unique content or services."
One can sign-in the Mitron app by using their existing google accounts. During the sign-in, the app asks for your permission to access profile information via your Google account. Shockingly, there is no Secure Sockets Layer (SSL) protocol used by the app during login, which makes it easier for the hackers to sign-in into any account without knowing the password. Thereafter, hackers can comment and send messages on the users’ behalf.
Mitron is not an app created in India, it was bought by an Indian from a software developing company Qboxus in Pakistan, which is another concern raised by the cyber cell. CEO of Qboxus claims that there were no real changes made by the person who bought it, and the app went live by just changing the name and the logo. The person who bought it from Qboxus is still unknown.
People who have already downloaded this app, have been advised to uninstall it by the cyber cell as a measure to prevent any loss of personal information. The advisory reads as, “Always look into applications and their developers – Are there credible reviews?.. If anything feels “Phishy” or unusual, there is probably a reason for it.”