Men unknowingly flirt with one another thanks to Tinder hack
Hacker’s fake female profiles lure men to chat each other up to highlight harassment issues

Men using Tinder mistakenly flirted with each other after a developer pulled a prank that exposed a serious flaw in the causal dating app.
The developer created a series of fake profiles purporting to be single women, and men who messaged these profiles were matched with one another, instead, according to The Verge.
These fake profiles were used by the Californian hacker to send men's flirty messages back and forth to one another until they discovered the true gender of the person they thought they were speaking to.
The developer told The Verge he did it as an experiment to make men more aware of the kinds of messages they send women which can be aggressively sexual or harassing in nature.
"The original idea was to throw that back into the face of the people doing it to see how they would react," he said.
Exploiting the Tinder API, he discovered there were few security measures to prevent him subverting it to "bot" their software.
"As long as you have a Facebook authentication token, you can behave as a robot as if you were a person," he explained.
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
Plenty of guys fell for his hack, with him witnessing 40 conversations in just 12 hours intervening when a real-world meet-up looked likely.
He claims men ignored warning signs in desperation for a date, but a security expert said that while Tinder's security should be better, the developer shouldn't have exposed the issue in this manner.
"There is no excuse for exploiting any such vulnerability and mounting this kind of interference, Professor Alan Woodward told the BBC.
"If someone is researching security, then most companies now have a bounty programme that pays them for reporting problems such as this."
He added: "I am surprised that a company that is dealing with such sensitive interactions, which are billed as being truly private, has not seen this loophole in its own penetration testing."
-
GitHub just launched a new 'mission control center' for developers to delegate tasks to AI coding agents
News The new pop-up tool from GitHub means developers need not "break their flow" to hand tasks to AI agents
-
The Allianz Life data breach just took a huge turn for the worse
News Around 1.1 million Allianz Life customers are believed to have been impacted in a recent data breach, making up the vast majority of the insurer's North American customers.
-
Flaw in Lenovo’s customer service AI chatbot could let hackers run malicious code, breach networks
News Hackers abusing the Lenovo flaw could inject malicious code with just a single prompt
-
Industry welcomes the NCSC’s new Vulnerability Research Initiative – but does it go far enough?
News The cybersecurity agency will work with external researchers to uncover potential security holes in hardware and software
-
Hackers are targeting Ivanti VPN users again – here’s what you need to know
News Ivanti has re-patched a security flaw in its Connect Secure VPN appliances that's been exploited by a China-linked espionage group since at least the middle of March.
-
Broadcom issues urgent alert over three VMware zero-days
News The firm says it has information to suggest all three are being exploited in the wild
-
Nakivo backup flaw still present on some systems months after firms’ ‘silent patch’, researchers claim
News Over 200 vulnerable Nakivo backup instances have been identified months after the firm silently patched a security flaw.
-
Everything you need to know about the Microsoft Power Pages vulnerability
News A severe Microsoft Power Pages vulnerability has been fixed after cyber criminals were found to have been exploiting unpatched systems in the wild.
-
Vulnerability management complexity is leaving enterprises at serious risk
News Fragmented data and siloed processes mean remediation is taking too long
-
A critical Ivanti flaw is being exploited in the wild – here’s what you need to know
News Cyber criminals are actively exploiting a critical RCE flaw affecting Ivanti Connect Secure appliances