The French security researcher Elliot Alderson who earlier made news in India by highlighting security loopholes in Aadhaar has now taken a look at the Koo app and has discovered that the app is leaking sensitive user data including date of birth and email.
Alderson said that his followers urged him to test Koo App and so he did. In a tweet, Alderson stated that he found that the app is leaking the personal data of its users.
Along with three screenshots, Elliot Alderson tweeted, "You asked so I did it. I spent 30 min on this new Koo app. The app is leaking of the personal data of his users: email, dob, name, marital status, gender, ... "
Alderson also shared a snapshot of Koo App's details including the app's domain and registrant. The domain Koo App shows the IP geolocation as the United States. It shows the name of the registrant as Tao Zhou, who also seems to be associated with over 100 domains. The state and country of the registrant is shown as Jiangxi, China.
In a subsequent tweet, Alderson shared a screenshot that showed the app was down. "And it's down," said the ethical hacker along with an image that shows the message 'no healthy upstream' under the Koo App URL.
Know something about Koo, the desi Twitter alternative that's gaining a big push
Poco M3 launched in India, know price, specifications and other details
