What's truly concerning is that the security researchers over at Trustwave informed the chat app's developer about this issue three months ago, but after not receiving a response to any of their numerous emails they made a decision to go public with this so that users can be informed and can avoid using this app or at the very least sharing any kind of multimedia through it.
Researchers at Trustwave SpiderLabs said that private voice messages, videos messages and photos are all at risk of being compromised by a trivially exploitable flaw in version 7.91. A malicious person could easily start sifting through countless private images that were sent via the app, finding any random people's photos and media that they probably thought was privately shared between just one another. Shortly prior, security firm Avast also listed 21 whole apps that are best to stay away from, as they've been found to bombard users with ads, even outside the app itself, among other things.
The researchers found that the links sent through Go SMS Pro were sequential and could be predicted by someone who knows how it generates links.More news: Mike Pompeo to meet Taliban, Afghan negotiators in Doha
It is advised that users should stop using the application right away until the developers release a fix for the security bug.
As we have informed, the flaw was informed to the developers, and they were asked to fix it in the month of August.More news: Secy. Pompeo denounces boycotts of Israel as anti-Semitic
TechCrunch reported that it tried reaching out to the Go SMS Pro maker by emailing on two addresses connected to the app.
Basically, the way it works is that you can send media files to contacts of yours that might not have the app installed. But the developers did not make any changes, so the researchers then posted about the flaw in the public.
When a Go SMS Pro user sends a photo, video or other file to someone who doesn't have the app installed, the app uploads the file to its servers, and lets the user share a web address by text message so the recipient can see the file without installing the app. The app had over 100 million downloads from Google Play before its removal. However, the China-based company didn't respond and confirm whether the issue was fixed.More news: Five Eyes group urges China crackdown end
Until the bug gets a fix, you can switch to more secure messaging apps which have encrypted options that will protect your files. Data of millions of Go SMS Pro users is available on the web.