Popular video messaging app Houseparty is offering a $1m (£811,000) bounty to anyone who can prove it has been targeted by a commercial “smear campaign”.
Hundreds of social media claims began circulating on Monday that the app has led to other accounts being hacked.
Houseparty denied the claims, saying “the service is secure, has never been compromised, and doesn’t collect passwords for other sites”.
Coranavirus: Is video calling the key to happiness during the COVID-19 lockdown?
The app allows users to make group video calls and take part in quizzes and games.
It has surged in popularity in recent weeks as many countries have introduced social distancing measures during the coronavirus pandemic.
According to Apptopia data, Houseparty’s downloads rocketed by 2,000% from mid-February to mid-March.
It features on the list of the most downloaded apps on Google’s Play store and Apple’s app store.
More from Science & Tech Coronavirus: Thousands of paedophiles preying on children online during lockdown Coronavirus: Doctors hail students making COVID-19 face-visors in makeshift factory Coronavirus: Small labs get £1m to ramp up key worker testing Coronavirus: Generation of start-ups could be ‘wiped out’ without government bailout Coronavirus: NSO Group attempting to woo west with COVID-19 tracking software ‘Missing link’ black hole discovered by astronomers
The app is owned by Epic Games, the company behind Fortnite.
Social media users allege the app has resulted in their other online accounts, including Netflix, Spotify and Instagram, being compromised.
Many called for the app to be deleted and shared the claims around.
In a tweet on Tuesday, Houseparty said it was “investigating indications that the recent hacking rumours were spread by a paid commercial smear campaign to harm Houseparty”.
It continued: “We are offering a $1,000,000 bounty for the first individual to provide proof of such a campaign to firstname.lastname@example.org.
“We have spent the past few weeks feeling humbled and grateful that we can be such a large part of bringing people together during such a hard time.”
Cybersecurity expert Graham Cluley said no legitimate computer security firm had confirmed that there was a problem with Houseparty.
:: Listen to the Daily podcast on Apple Podcasts, Google Podcasts, Spotify, Spreaker
“The fact that you installed Houseparty and then your Spotify account was breached may be entirely and utterly unconnected,” he said.
“Hackers use credential stuffing attacks, using passwords scooped up from previous security breaches, all the time in an
attempt to break into accounts.”
A security expert told Forbes that Houseparty was relatively safe compared to many apps.
“I analysed the app’s permissions usage and since the app provides video chats with your friends it is logical that requested permissions are necessary. I haven’t found any shady misusing of them by the app,” Lukas Stefanko, a researcher with cybersecurity firm ESET, said.
“The app doesn’t provide a lot of in-app options and settings, which creates less scenarios for exploiting security issues.”
SOURCE : https://news.sky.com/story/houseparty-offers-1m-reward-to-anyone-who-can-prove-it-was-part-of-smear-campaign-11966296