Recently I discovered a database that contained records of an application called 419 Dating – Chat & Flirt. According to multiple listings on software download sites, 419 Dating – Chat & Flirt is developed by a Chinese company called SILING APP (also visible in the web archive). I immediately sent a responsible disclosure notice, and although the database was quickly secured, no one ever replied. The app used to be available on the Google Play Store but was removed shortly after my notification. However, the app is still available on many other websites. Per its own advertising campaign, the 419 Dating app claims to have 50 million users worldwide.
419 Dating offers an online dating, chat, and flirt platform that allows users to connect with others for socializing, making friends, or seeking romantic relationships. It provides a place for people to interact, exchange messages, and potentially meet in person.
What the database contained:
- Total number of records: 2,357,896 with a total size of 340.6 GB
- 959,571 images of users. Some of these images were NSFW (not safe for work) and sexually explicit. I saw close-up pictures of body parts as well as pictures showing the users’ faces. These identifiable images, combined with names and emails, could be a potential risk to the users.
- A single backup log contained 236,681 Gmail addresses, 15,703 Yahoo Mail accounts, 3,872 iCloud addresses, as well as many other addresses from various email providers. Remember, this was only a sample from one server log out of 600 in the folder db_backup. In the same backup file, there were records of more than 500 profiles containing the word “escort” and offering sexual services; they had associated phone numbers, email addresses, and social media accounts.
- The database also contained exposed Software Development Kit (SDK) files. SDKs are packages or collections of software tools, libraries, documentation, and resources that developers use to create applications for a specific platform or framework. Exposure of these files could lead to the creation of applications with hidden malicious functionality or vulnerabilities.
Read my full report here.