Security flaws in Freedom Chat app exposed users’ phone numbers and PINs

Freedom Chat, a messaging application launched in June, has recently addressed two significant security vulnerabilities. These flaws were discovered by security researcher Eric Daigle, who reported that it was possible to guess the phone numbers of users and expose their personal PIN codes. Initially marketed as a secure messaging platform, Freedom Chat claims to prioritize user privacy by keeping phone numbers confidential. However, Daigle revealed to TechCrunch that he was able to exploit specific vulnerabilities, allowing him to access sensitive information related to nearly 2,000 users who signed up since the app's inception.

After being informed by TechCrunch, founder Tanner Haas confirmed that the app has taken immediate action, resetting all user PINs and releasing an updated version of the application. Moreover, the team is actively working to eliminate instances where users' phone numbers were unintentionally visible and has implemented rate-limiting measures to thwart potential mass guessing attacks.

In his findings, Daigle highlighted how Freedom Chat’s servers permitted unsolicited attempts to guess phone numbers, echoing a similar technique described in a recent study by the University of Vienna. This method involved matching phone numbers against server data, leading to the exposure of vast user information.

Additionally, Daigle discovered that the app was leaking user PINs. By utilizing an open-source network traffic inspection tool, he found that the app inadvertently revealed the PINs of all users in a shared public channel, even when those codes were not visible within the app itself. This flaw meant that anyone participating in the default channel could see the PINs of other users, potentially compromising their accounts.

In a recent update, Freedom Chat reassured users that despite the exposure, no messages were at risk, as the app does not support linked devices. They emphasized that user privacy remains a top priority and have taken steps to enhance security protocols moving forward. This incident marks the second time Haas has faced security challenges with a messaging application, following issues with his previous app, Converso, which was removed from app stores due to similar vulnerabilities.
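The two mitigations the report points to, sketched as an added example (not Freedom Chat's code, and not from the original article): member records serialized from an allowlist so a PIN never reaches other clients, and a contact-lookup budget charged per phone number checked. All field names, limits and sample data are hypothetical and constructed.

```python
import time

# Hypothetical field names; the article does not describe the app's schema.
PUBLIC_MEMBER_FIELDS = ("user_id", "display_name")

def public_member_view(record):
    """Serialize a channel member from an allowlist so secrets such as a PIN
    or phone number never reach other clients, whatever the record holds."""
    return {k: record[k] for k in PUBLIC_MEMBER_FIELDS if k in record}

class LookupBudget:
    """Token bucket per account, charged per phone number checked (not per
    request), so batching lookups does not bypass the limit."""
    def __init__(self, capacity=20, refill_per_sec=20 / 3600, clock=time.monotonic):
        self.capacity, self.refill, self.clock = capacity, refill_per_sec, clock
        self.state = {}  # account_id -> (tokens_left, last_seen)

    def charge(self, account_id, n_numbers):
        now = self.clock()
        tokens, last = self.state.get(account_id, (self.capacity, now))
        tokens = min(self.capacity, tokens + (now - last) * self.refill)
        allowed = 0 < n_numbers <= tokens
        self.state[account_id] = (tokens - n_numbers if allowed else tokens, now)
        return allowed

def lookup_contacts(budget, directory, account_id, numbers):
    """Return which submitted numbers are registered, or None when throttled."""
    unique = set(numbers)
    if not budget.charge(account_id, len(unique)):
        return None  # caller maps this to HTTP 429
    return sorted(unique & directory)

def demo():
    # Constructed sample data, not real users.
    directory = {"+15550100007", "+15550100042"}
    member = {"user_id": 7, "display_name": "ana", "pin": "123456",
              "phone": "+15550100007"}
    fake_now = [0.0]
    budget = LookupBudget(clock=lambda: fake_now[0])
    answered = 0
    # One account submitting a sequential range in batches of 10.
    for start in range(0, 100, 10):
        batch = [f"+155501{n:05d}" for n in range(start, start + 10)]
        if lookup_contacts(budget, directory, "acct-1", batch) is not None:
            answered += len(batch)
    fake_now[0] = 3600.0  # an hour later the budget has refilled
    refilled = lookup_contacts(budget, directory, "acct-1", ["+15550100042"])
    return public_member_view(member), answered, refilled
```

Charging by the number of distinct phone numbers rather than by request is an assumption about how lookups are batched; the article only says that rate limiting was added.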

Sources: TechCrunch

Published On: Dec 11, 2025, 13:50
