Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Stupidly simple app phenomenon Yo got hacked, and hacked, and hacked again

Jared Newman | June 23, 2014
A popular app that took eight hours to make has a few security flaws. Who'd have thunk it?


Yo, an ultra-simple messaging app that became an instant phenomenon this week, has already been been hacked.

An unnamed Georgia Tech student told TechCrunch that he can use the app to get any user's phone number, pretend to be another Yo user, and spam users with an unlimited number of "Yo" messages.

The hacker also managed to work around Yo's big hook: He figured out how to send messages containing any text, not just the intended "Yo."

This isn't the only evidence of Yo hacking. As TechCrunch points out, a Vine user claims to have replaced the "Yo" notification sound with a clip of Rick Astley's "Never Gonna Give You Up." Meanwhile, an Instagram user has apparently managed to trigger a custom pop-up message within the app, saying that it's been hacked.

Or Arbel, Yo's founder, confirmed to TechCrunch that the app was "having security issues." Some of those issues have been fixed, he said, and he hoped to patch up the remaining issues within the next few hours.

Yo rose to instant fame--or infamy--earlier this week, following cynical stories by ThinkPress and the Financial Times. The app allows users to send messages to their friends with one tap. The recipient merely hears a high-pitched "Yo," and sees a notification identifying the sender. By the time the first profiles were written, the app had already raised $1 million from investors. No, really.

The app reportedly took just eight hours to create; this seems to be another case of acquiring users first and worrying about security second.


Sign up for MIS Asia eNewsletters.