{"id":392265,"date":"2018-01-16T20:05:44","date_gmt":"2018-01-16T20:05:44","guid":{"rendered":"http:\/\/citifmonline.com\/?p=392265"},"modified":"2018-01-16T20:05:44","modified_gmt":"2018-01-16T20:05:44","slug":"flaw-in-vr-porn-app-leaves-20000-names-exposed","status":"publish","type":"post","link":"https:\/\/citifmonline.com\/?p=392265","title":{"rendered":"Flaw in VR porn app leaves 20,000 names exposed"},"content":{"rendered":"<p class=\"story-body__introduction\">A flaw that left the personal data of thousands of users of a virtual reality porn app exposed has been fixed.<\/p>\n<p>British cybersecurity firm Digital Interruption uncovered a loophole in the SinVR app that gave it access to 20,000 user names and email addresses.<\/p>\n<p>SinVR thanked it for highlighting the issue and promised to improve security.<\/p>\n<p>&#8220;Altogether, it has been a tremendous learning experience,&#8221; the US-based company\u00a0told tech site Alphr.<\/p>\n<p>&#8220;Moving forward, we are confident in our ability to stop similar attacks and will keep using a professional security service to audit our system.&#8221;<\/p>\n<div class=\"social-embed\">\n<div class=\"social-embed-post social-embed-twitter\">\n<div class=\"embed embed-twitter\">\n<div class=\"embed-region\" role=\"region\" aria-label=\"Twitter post by @DI_Security\">\n<div class=\"twitter-wrap\">\n<blockquote class=\"twitter-tweet\" data-lang=\"en\">\n<p dir=\"ltr\" lang=\"en\">Looks like\u00a0@sinvrxxx\u00a0has fixed the vulnerability we raised that exposed thousands of user details. Thanks to\u00a0@troyhuntand\u00a0@securityledger\u00a0for helping us get the word out.<\/p>\n<p>If they&#8217;d like to get in touch with us, we&#8217;d like to share details about some other vulns we found.<\/p>\n<p>\u2014 Digital Interruption (@DI_Security)\u00a0January 14, 2018<\/p><\/blockquote>\n<\/div>\n<p id=\"jump-linkhttps:\/\/twitter.com\/DI_Security\/status\/952585416334553089?ref_src=twsrc%5Etfw&amp;ref_url=http%3A%2F%2Fwww.alphr.com%2Fsecurity%2F1008193%2Fadult-vr-app-sinvr-exposed-names-and-emails-of-thousands-of-users\" class=\"off-screen\" tabindex=\"-1\">\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<p>SinVR is a pornographic virtual reality game which lets users explore various adult-themed environments and interact with virtual characters.<\/p>\n<p>It works with most major VR headsets including the HTC Vive and Oculus Rift.<\/p>\n<p>In a blog post, Digital Interruption said it had decided to go public after SinVR&#8217;s parent company, inVR, did not respond to emails about the app&#8217;s flaws.<\/p>\n<p>The cybersecurity firm, which had been reviewing the security of several adult-themed websites, said it accessed the personal data of everyone with a SinVR account as well as anyone who paid for content using PayPal.<\/p>\n<p>Passwords and credit card details were not exposed in the hack, it said.<\/p>\n<p>&#8220;Due to the nature of the application, it is potentially quite embarrassing to have details like this leaked,&#8221; Digital Interruption\u00a0wrote in its blog post.<\/p>\n<p>&#8220;It is not outside the realm of possibility that some users could be blackmailed with this information.&#8221;<\/p>\n<p>It&#8217;s not the first time the personal data of those who visit porn sites has been exposed.<\/p>\n<p>In 2016\u00a0the names of almost 800,000 registered users\u00a0of porn site Brazzers were exposed in a data breach.<\/p>\n<p>And last year, German researchers claimed to have\u00a0accessed the porn-browsing habits\u00a0of members of the public by reverse-engineering online data used for targeted advertising.<\/p>\n<p>&#8211;<\/p>\n<p>Source: BBC<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A flaw that left the personal data of thousands of users of a virtual reality porn app exposed has been fixed. British cybersecurity firm Digital Interruption uncovered a loophole in the SinVR app that gave it access to 20,000 user names and email addresses. SinVR thanked it for highlighting the issue and promised to improve [&hellip;]<\/p>\n","protected":false},"author":14,"featured_media":392269,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jnews-multi-image_gallery":[],"jnews_single_post":[],"jnews_primary_category":[],"jnews_social_meta":[],"jnews_override_counter":[],"footnotes":""},"categories":[106],"tags":[],"class_list":["post-392265","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/citifmonline.com\/index.php?rest_route=\/wp\/v2\/posts\/392265","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/citifmonline.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/citifmonline.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/citifmonline.com\/index.php?rest_route=\/wp\/v2\/users\/14"}],"replies":[{"embeddable":true,"href":"https:\/\/citifmonline.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=392265"}],"version-history":[{"count":0,"href":"https:\/\/citifmonline.com\/index.php?rest_route=\/wp\/v2\/posts\/392265\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/citifmonline.com\/index.php?rest_route=\/wp\/v2\/media\/392269"}],"wp:attachment":[{"href":"https:\/\/citifmonline.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=392265"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/citifmonline.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=392265"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/citifmonline.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=392265"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}