Southwest Airlines iPhone App Has The Eavesdropping Vulnerability
University of Colorado recently checked the security of 230+ widely liked iOS apps because they wanted to know how much secured different apps for smartphones and tablets. They made really shocking discovery. The biggest potential security breach is hidden in Southwest Airlines app for iPhone. This app leaves user data vulnerable to different hackers.
When you just login to Southwest Airlines iPhone app on your smartphone using the Rapid Rewards account, their app submits the username and password data as unencrypted plain text to the Southwest Airlines remote data server, which is mobile.southwest.com. The possible attacker can just sniff for the information on the wireless network and simply steal it. As for me it is a real hacker's dream! If the victim's credentials were stolen, this hacker could utilize those data to login to your account and they'd have full access to everything the victim had access to, such as birthdays, e-mails, phone numbers, addresses and credit card data.
They could possibly book any flight in the name and on behalf of the victim. This not only evidently worrisome from the point of the possible attacker fraudulently utilizing the victim's account and private credit card data, but in addition because of the probability of terrorist threats in the air.
The probability of being capable of getting this information is particularly possible since Denver International proposes free Wi-Fi and it’s an absolutely unencrypted network. The possibility that the Southwest passenger would initially login to their private account is in addition quite high because they have the whole terminal in the C concourse to themselves. Nevertheless, this could happen on any type of wireless network.
Think about the probability of some person who is on the No-Fly list of the Department of Homeland Security at present time. If this person is a hacker who was capable of capturing the credentials of the victim and creating fake ID, he or she could simply pass through the TSA security and not being stopped.
So what can you do if you need to use that app but don’t want to become the hacker’s victim? You need to prevent hackers from using Southwest Airline iPhone app security vulnerability to steal your personal data, securing your credentials from being stolen and used with bad intentions or even terroristic purposes.
Did you know about this security vulnerability? Will you use this app in the future? Leave your comments below!