Mitron App, an Emerging TikTok Alternative, Said to Have Vulnerability That Puts User Accounts at Risk

Mitron app allows an attacker to gain access to a victim’s profile and send messages to other users.

Advertisement
By Jagmeet Singh | Updated: 30 May 2020 19:58 IST
Highlights
  • Mitron app allegedly allows attackers to take over user accounts
  • It uses unique user IDs to enable login
  • Mitron app developer is yet to fix the reported vulnerability
Mitron App, an Emerging TikTok Alternative, Said to Have Vulnerability That Puts User Accounts at Risk

Mitron app already has over 50 lakh downloads on Google Play

Mitron app, which was launched as an alternative to TikTok and has gained notable popularity in a short time, allegedly has a vulnerability that could allow an attacker to compromise user accounts and send messages on behalf of a specific user. The flaw doesn't allow any bad actor to steal personal information such as the email ID that a user has used to sign up an account on the Mitron app. However, it can be exploited to gain access to the profile of the affected user. The Mitron app is so far exclusive to Android and has reached over 50 lakh downloads on Google Play.

By exploiting the vulnerability of the Mitron app, an attacker could send messages to other users and even follow other people or comment on behalf of the victim, cyber-security researcher Rahul Kankrale told Gadgets 360. He said the issue exists within the login process of the app that allows bad actors to intercept and gain the unique user ID of the victim that can be used to log in to their accounts — without requiring any passwords or an additional verification.

Kankrale also mentioned that the developer of the Mitron app isn't using the Secure Sockets Layer (SSL) protocol to secure the login. Although the app does allow users to login with their existing Google accounts, it processes the login through the unique user ID instead of using the provided Google account, he added.

He has also made a video showing the scope of the vulnerability that is yet to be fixed. He initially informed security-focussed site The Hacker News about the vulnerability.

Advertisement

Gadgets 360 didn't elicit a response from the email address provided on the Google Play listing of the Mitron app to get clarity on the flaw.

The Mitron app came into limelight as an India-made solution to counter TikTok. Some reports claimed that it was made by a student of IIT Roorkee. However, on Friday, it was reported that the app is not made in India and brought from a Pakistani software developer firm Qboxus.

Gadgets 360 doesn't recommend anyone to install and use the app that doesn't have any clarity about its makers and has at least one major vulnerability that is yet to be fixed.


Is Realme TV the best TV under Rs. 15,000 in India? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts or RSS, download the episode, or just hit the play button below.

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Mitron app, TikTok, Mitron
Advertisement

Related Stories

Popular Mobile Brands
  1. OnePlus 13s Price in India Leaked Ahead of Launch on June 5
  2. Tecno Pova Curve 5G Launched in India With This Price Tag
  3. Nothing Phone 3 Design Teaser Shows Textured Button
  4. Lava Bold N1, Lava Bold N1 Pro Debut in India With Budget Price Tags
  5. Google's SignGemma AI Model Can Translate Sign Language Into Spoken Text
  6. WhatsApp Might Introduce a 'Logout' Button for Users Who Need a Break
  7. Realme Neo 7 Turbo With 7,200mAh Battery Goes Official; All Specifications
  8. Infinix GT 30 Pro 5G: Launch Date, Expected Price in India, Features & More
  1. Samsung Galaxy Z Fold 7, Galaxy Z Flip 7 to Debut With Android 16-Based One UI 8
  2. Tencent Launches HunyuanPortrait, an Open-Source AI Model for Animating Portraits
  3. Realme Neo 7 Turbo With MediaTek Dimensity 9400e SoC, 7,200mAh Battery Launched: Price, Specifications
  4. Google Unveils SignGemma, an AI Model That Can Translate Sign Language Into Spoken Text
  5. Apple Adds iPad Air, iPad Pro and Other Models to Its Self Service Repair Programme
  6. Lava Bold N1, Lava Bold N1 Pro With 5,000mAh Battery Launched in India: Price, Specifications
  7. OnePlus 13s Price in India Leaked Ahead of Global Launch on June 5
  8. EA Reportedly Cancels Black Panther Game, Shuts Down Developer Cliffhanger Games
  9. Bitcoin will Hold Strategic Importance to Strengthen US' Position Against China, Says JD Vance
  10. Google Photos 10 Year Anniversary Updates Bring Redesigned Editor, QR Code for Easy Album Sharing
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.