Twitter ‘replacement’ Hive shuts off service in privacy alert

Hive Social, a social media community that has gained important traction as a possible Twitter “replacement” after the latter was taken over by erratic tech billionaire Elon Musk, has been compelled to close down its servers after moral hackers recognized main vulnerabilities in the service that would probably have put person information at important threat.

Zerforschung, a decentralised collective of German hackers, began poking underneath Hive’s bonnet after the location started to draw customers in earnest in mid-November. They mentioned they discovered a number of crucial vulnerabilities that they reported to Hive in confidence.

Hive acknowledged the report and claimed to have mounted the problems, however the collective mentioned this was not in reality the case.

“The issues we reported allow any attacker to access all data, including private posts, private messages, shared media and even deleted direct messages,” said Zerforschung.

“This additionally contains non-public electronic mail addresses and cellphone numbers entered throughout login. Attackers may also overwrite information, akin to posts owned by different customers.

“We strongly advise against using Hive in any form in the current state.”

The collective mentioned that it will not be publishing an in-depth technical evaluation of what it had discovered at this stage, in order to not endanger the privacy of Hive’s customers.

Posting on Twitter, a Hive spokesperson mentioned: “The Hive crew has grow to be conscious of safety points that have an effect on the steadiness of our utility and the security of our customers. Fixing these points would require quickly turning off our servers for a few days whereas we repair this for a greater and safer expertise.

“We plan to work tirelessly until we can get back online and we hope to welcome you back to a faster and more stable Hive very soon.”

Hive was based in 2019 by California-based scholar and former Instagram influencer Raluca Pop, who additionally makes use of the alias Kassandra Pop. Speaking to Newsweek final month, Pop mentioned she determined to have a go at making a social media house for herself after changing into pissed off with modifications to Instagram’s algorithm. She teamed up with a contract developer and taught herself to code, earlier than releasing the primary model of the app in October of that 12 months.

Since then, the service has been increasing slowly however absolutely, and for a time was essentially the most downloaded utility on Apple’s iOS App Store after being featured in Teen Vogue journal. It acquired its first injection of enterprise capital funding in October 2021.

The service now boasts greater than 1.5 million customers, a quantity that has been ballooning since Musk’s takeover of Twitter and his reinstatement of hundreds of suspended accounts linked to the far proper of the political spectrum.

In the wake of Hive’s shutdown, ESET world cyber safety adviser Jake Moore mentioned: “With many individuals at the moment looking out to probably substitute Twitter, they could be fast to obtain a lot of options, however this might be on the detriment to their private data. The explicit information uncovered on Hive Social that’s obtainable is worryingly intrusive and damaging to customers.

“Many individuals can have downloaded Hive Social on the advice from a pal or peer group, however that is usually the place the due diligence stops and safety and privacy stay an afterthought. The delicate data that might be considered, akin to non-public posts, cellphone numbers and messages, might have triggered additional social engineering assaults by acquiring extra particulars, akin to monetary credentials.

“People must be reminded to carry out research on new apps before downloading them and to limit the amount of data they lend to new applications, especially social media platforms which demand relatively personal data to function.”

Speaking to Computer Weekly final month, Moore mentioned it was not essentially applicable, or the fitting time, for organisations or people to droop their use of Twitter.

“Things change rapidly all the time, and I don’t want to see companies shoot themselves in the foot if Musk has other ideas to sell the platform on, or has something else in mind,” he mentioned. “Companies and users alike should err on the side of caution where they can.”