The Clubhouse app has been hacked and the audio has been repost for everything — what you need to know

The Clubhouse app has been hacked and the audio has been repost for everything — what you need to know

The exclusive, invitation-only iPhone app "Clubhouse" has been making a big splash on the Internet lately, but it is not without its problems Security researchers have already identified a serious flaw in the app's security that has been exploited by unknown hackers

One user was able to stream audio from a clubhouse room to his website This user was subsequently banned, and the company has promised to strengthen its security measures to prevent this from happening again

The hacker was discovered when a cybersecurity expert discovered that audio and metadata were being transferred from Clubhouse to another site It was later discovered that the perpetrators had built a system around the JavaScript toolkit used to compile the Clubhouse application to achieve this [According to Internet 20 CEO Robert Potter (via Bloomberg), "One user set up a way to remotely share his login with people around the world [Clubhouse is currently an invite-only app for the iPhone, and you can't sign up for it the same way you can for Twitter or Facebook Perhaps the hackers exploited an existing security hole as a way to let non-users hear conversations they normally would not have access to

The security hole in question was recently discovered by the Stanford Internet Observatory (SIO), which found that personally identifiable information, including Clubhouse users and chat room IDs, was being sent in plain text, and that raw audio files They also discovered that it is possible to obtain

Initially, this led to concerns about the involvement of Chinese startup Agora, on whose back-end systems the Clubhouse relied If Agora owned Clubhouse's data, it would have to legally hand it over to the Chinese government if requested This information was so damaging to its reputation that the clubhouse was forced to install a more robust system and promise that all data would remain on US servers

It is clear that the measures planned by the clubhouse were not sufficient or have not yet been implemented; according to SIO researcher Jack Cable, the clubhouse has declined to say what additional steps it has taken to avoid such breaches in the future

Clubhouse was launched only last year, but only recently came to the public's attention when Elon Musk used it to interview Robinhood CEO Vlad Tenev Since then, the Clubhouse's popularity has grown rapidly, but the invitation system has severely limited the number of people who can attend Until the situation changes, we will have to wait patiently Given the security hole that was discovered, it is probably a good thing that you can still participate

Categories