Twitch Chat software, the video-game-style chat app for Android phones, has become increasingly popular in recent years, but the latest version of the chat service has some serious security flaws.
As reported by The American Conservatives, the chat software used by the software’s creators to spy on their users is so buggy that it’s possible to trick it into allowing a remote attacker to remotely log into their accounts.
As part of a test, a user’s account was stolen from them by a remote hacker and then replaced with a fake account created by a third party, according to The American Council on Technology.
The software has since been patched by the company behind it, which released a security patch in May, but security experts are concerned that this patch has been too late.
According to the American Council, the security flaws in the chat app are not limited to its ability to remotely login.
While it’s not yet clear how much more malicious activity the chat system can take advantage of, security experts say that any software used to remotely access other people’s accounts is potentially vulnerable to hackers.
The chat software was created by the developers of popular video-chat app Twitch, which itself was developed by a Russian company.
As Ars Technica reported last year, Twitch’s chat apps have also been used by other companies, including YouTube, to broadcast their videos to the internet.
The American Congress on Science and Technology said in a blog post last month that it was working with Twitch to update the chat application to “ensure that the vulnerabilities we discovered are fixed quickly and that we are not in a position to introduce any new vulnerabilities in the future.”
The American council is one of many organizations that has recently raised concerns about the security of chat apps and video-sharing services, including a new cybersecurity bill in the House of Representatives.
Ars Technia reported that a recent survey found that half of US residents would consider buying a smartphone that has a chat app in the past year, and many are also concerned about the potential of hacking and data theft.
Ars is working to identify any other vulnerabilities in Twitch Chat that may exist in the software.