New Video from @seytonic Highlights Data Breaches and Cybercrime Attempts

The video begins with a discussion about a recent incident involving the dating advice app for women, Tea. Two weeks ago, 4chan targeted this app, leading to the leak of thousands of government IDs, the hacking of private messages, and a series of impending lawsuits. The situation became even more complicated when a rival app, Tea on Her, was created to capitalize on the drama, quickly becoming the second most popular lifestyle app on the App Store.

The Tea app presents itself as a suite of security tools for dating, allowing women to check the backgrounds of potential dates, ensure they are not being catfished, and discuss their experiences with other users. However, the app failed to protect its users' data. An anonymous 4chan user revealed that Tea was using Firebase, a Google platform, to manage its data. Unfortunately, the Firebase configuration was incorrect, allowing unauthorized access to gigabytes of user photos, including verification selfies and direct message images.

The problem did not stop there. Three days after the first leak, a second breach exposed millions of private messages containing sensitive information such as discussions about unfaithful husbands and abortions. A security researcher discovered this vulnerability and responsibly disclosed the information, but this did not prevent ten women from filing complaints against the app.

Meanwhile, a new app called Tea on Her was launched, copying the concept of Tea but for men. This app allows users to create profiles of women they have dated and tag them with green or red flags based on their experience. However, Tea on Her also reproduced the same vulnerability as the original app, publicly exposing users' government ID photos. TechCrunch researchers discovered this flaw, but the app's developer did not respond to their emails.

The video also discusses an attempted hack by a group of cybercriminals using a Raspberry Pi to target ATMs. The group, known as Lightbasin, physically entered a bank to connect the Raspberry Pi to a network switch, hoping to bypass firewalls and access the ATM switching server. Although their plan initially succeeded in infiltrating the bank's network, it failed when the Raspberry Pi was discovered and disconnected by an employee.

In conclusion, the video highlights the serious consequences of security vulnerabilities in apps and the bold attempts by cybercriminals to exploit these weaknesses. It underscores the importance of data security and constant vigilance in the digital world.

For more details, watch the full video at the following address: https://www.youtube.com/watch?v=wg0z_TflQ7c