{"id":2206572,"date":"2024-09-25T12:26:18","date_gmt":"2024-09-25T03:26:18","guid":{"rendered":"https:\/\/koreapro.org\/?p=2206572"},"modified":"2024-09-26T16:27:10","modified_gmt":"2024-09-26T07:27:10","slug":"south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users","status":"publish","type":"post","link":"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/","title":{"rendered":"South Korea\u2019s ubiquitous messaging app\u2019s security gaps risk millions of users"},"content":{"rendered":"

Millions of South Koreans rely on KakaoTalk \u2014 the country\u2019s most popular and ubiquitous messaging app \u2014 for everything from chatting with friends and family to accessing essential services. However, new research has exposed longstanding business practices that could heighten the app\u2019s vulnerabilities.<\/span><\/p>\n

These reported vulnerabilities potentially allow attackers \u2014 as well as Kakao \u2014 to access users\u2019 supposedly encrypted chats, reawakening past concerns about the privacy of KakaoTalk users\u2019 personal communications.<\/span><\/p>\n

These issues follow other controversies in recent years about personal data breaches from Kakao\u2019s varied services, ranging from criminals selling <\/span>stolen user information<\/span><\/a> in underground markets to payment data being <\/span>handed over<\/span><\/a> to Alipay, a Chinese e-payment service company.<\/span><\/p>\n

The complex code base supporting the South Korean technology giant\u2019s interlinked services makes it all the more difficult to fix these <\/span>issues<\/span><\/a>, but the new research also highlights gaps in Kakao\u2019s approach to engaging the global security community.<\/span><\/p>\n

Unlike other global technology companies, Kakao only allows South Korean nationals to benefit from its bug bounty program, an initiative that rewards ethical hackers who uncover vulnerabilities in exchange for rewards.<\/span><\/p>\n

Many companies operate similar programs to improve their security and protect users from malicious actors, but Kakao\u2019s aversion to rewarding foreign security researchers could limit the effectiveness of its bug bounty scheme.<\/span><\/p>\n

EXPOSING VULNERABILITIES<\/b><\/p>\n

KakaoTalk introduced its <\/span>Secret Chat<\/span><\/a> function using end-to-end encryption following the Sewol ferry disaster in 2014 after <\/span>controversy<\/span><\/a> erupted over then-President Park Geun-hye\u2019s administration accessing South Korean users\u2019 private chat messages to target critics.<\/span><\/p>\n

Following the Sewol incident, Park <\/span>announced<\/span><\/a> that the government would investigate any insults directed against her on social media, including <\/span>private messages<\/span><\/a> sent through KakaoTalk.<\/span><\/p>\n

After outraged South Koreans decided to boycott the country\u2019s most popular chat app over the government\u2019s access to their private messages, Kakao <\/span>pledged<\/span><\/a> to reject government requests for user data and hastily <\/span>introduced<\/span><\/a> Secret Chat as well as an option to decline chat invites.<\/span><\/p>\n

The new update was built directly on top of Kakao\u2019s existing LOCO protocol, the underlying program <\/span>introduced<\/span><\/a> in 2011 to improve KakaoTalk transmission speeds, but restricted end-to-end encryption to the opt-in Secret Chat rather than rolling it out to all messaging options.<\/span><\/p>\n

\"\"

South Koreans engrossed in their phones during their daily commute | Image: Marc Smith via Flickr<\/a> (Nov. 11, 2010) (Creative Commons – CC BY 2.0 – Attribution 2.0 Generic<\/a>)<\/em><\/p><\/div>\n

As questions remained about the effectiveness of KakaoTalk\u2019s partial encryption approach, independent cybersecurity researcher Dawin Schmidt began looking into KakaoTalk\u2019s <\/span>Secret Chat<\/span><\/a> as part of his master\u2019s thesis in 2016.<\/span><\/p>\n

Working in conjunction with The Citizen Lab, a Canada-based initiative that studies information controls and internet openness and security, Schmidt identified underlying weaknesses in Secret Chat\u2019s end-to-end encryption protocol.<\/span><\/p>\n

Although Kakao <\/span>acknowledged<\/span><\/a> the issues that Schmidt <\/span>flagged<\/span><\/a> at the time, the company concluded that many of them required little to no change.\u00a0\u00a0<\/span><\/p>\n

When Schmidt revisited his analysis recently, he discovered that the core problem largely remained unresolved.<\/span><\/p>\n

In a recent <\/span>blog post<\/span><\/a> outlining his analysis, the researcher explained that Secret Chat lacks \u201cciphertext integrity,\u201d which potentially allows attackers to intercept and manipulate encrypted text.<\/span><\/p>\n

Another prominent vulnerability is the absence of server-side authentication connected to the LOCO protocol, which means KakaoTalk may \u201cblindly trust\u201d communications from malicious actors and possibly allow them to retrieve information from encrypted user chats.<\/span><\/p>\n

INHERITING LEGACY PROBLEMS<\/b><\/p>\n

Schmidt stated in his blog post that these vulnerabilities and other associated gaps potentially allow Kakao to read encrypted messages from private chat rooms but emphasized that this does not mean it has any intention of doing so.\u00a0<\/span><\/p>\n

He added that many end-to-end encrypted messaging apps have the same issue, which stems from how such platforms are <\/span>designed<\/span><\/a>.<\/span><\/p>\n

The researcher explained to <\/span>Korea Pro<\/span><\/i> that the vulnerability may not affect many users as Secret Chat lacks basic chat app functionality like voice calling support, which could limit its adoption.<\/span><\/p>\n

However, he added that Secret Chat would likely be attractive to more privacy-conscious users who want to exchange end-to-end encrypted messages, such as human rights activists and journalists, and such weaknesses could expose them to risk.<\/span><\/p>\n

Schmidt explained that the issues largely stem from Kakao building Secret Chat on top of its legacy LOCO protocol rather than developing a new one from scratch.<\/span><\/p>\n

\u201cThe old legacy protocol already had a couple of flaws. So if you put a secret chat on top of it, it inherits the old flaws as well,\u201d he said.<\/span><\/p>\n

He stated that the Secret Chat function lacks some important features one would typically see in a secure end-to-end encryption protocol, like forward secrecy, a cryptography feature that protects against compromise.\u00a0<\/span><\/p>\n

Schmidt also said KakaoTalk\u2019s protocol should be open-source and published and reviewed by independent third parties to improve security, a practice followed by privacy-focused messaging apps like Signal.<\/span><\/p>\n

When revisiting his analysis of the Secret Chat vulnerability this year, Schmidt also discovered other <\/span>weaknesses<\/span><\/a> that allowed attackers to take over user accounts and read their chat messages.<\/span><\/p>\n

He found the weakness while examining KakaoTalk\u2019s built-in shopping feature as an entry point and eventually navigated the app\u2019s interconnected services to uncover gaps that can be used to steal messages.<\/span><\/p>\n

\"\"

Screenshot of vulnerability test demonstrating how attackers could take over user accounts before KakaoTalk patched the issue | Image: Dawin Schmidt<\/a><\/em><\/p><\/div>\n

In this case, Kakao <\/span>responded quickly<\/span><\/a> to Schmidt\u2019s queries and patched most of the flaws but did not reward him under the company\u2019s <\/span>bug bounty program<\/span><\/a> as it is not open to foreign nationals.<\/span><\/p>\n

Despite Kakao seemingly having fixed the initial issues, the researcher told <\/span>Korea Pro<\/span><\/i> that the multi-functional app\u2019s complexity means there may well be more infection points attackers can take advantage of.<\/span><\/p>\n

Ovi Liber, a research director at Seoul-based cybersecurity nonprofit Interlab, warned that gaps in password recovery mechanisms or insecure session management could allow attackers to bypass authentication or hijack active sessions to take control of user accounts.<\/span><\/p>\n

\u201cDespite Kakao\u2019s quick response in addressing these issues, failure to patch such vulnerabilities promptly could leave users at serious risk of privacy breaches and financial theft,\u201d he told <\/span>Korea Pro<\/span><\/i>.<\/span><\/p>\n

WHY THE PROBLEMS PERSIST<\/b><\/p>\n

Although eight years have passed since Schmidt first reported Secret Chat\u2019s vulnerabilities, the problems still remain, highlighting the challenges of fixing such issues.<\/span><\/p>\n

Schmidt said a major challenge lies in the fact that all the weaknesses stem from the initial LOCO protocol.<\/span><\/p>\n

\u201cFor Kakao, it is very difficult to change an already running protocol in this heavily used application because they would need to make fundamental changes,\u201d he said.<\/span><\/p>\n

\u201cThat’s not an easy task if you have a widespread application like this already out in the market.\u201d<\/span><\/p>\n

With an <\/span>estimated<\/span><\/a> 45 million South Koreans \u2014 almost 90% of the country\u2019s population \u2014 using KakaoTalk, extensive changes could cause problems for a country that relies heavily on the app for numerous necessities.\u00a0<\/span><\/p>\n

Another hurdle is the sheer complexity of the app. Kakao services include ride-hailing, shopping and payments, in addition to being widely used for authentication for all kinds of South Korean necessities ranging from commercial platforms to the national tax service.<\/span><\/p>\n

KakaoTalk\u2019s increased vulnerability, which results from its many linked services, is apparent in Schmidt\u2019s findings.<\/span><\/p>\n

\u201cThe more features you add to an application, the more you expose it and the more vulnerabilities you have potentially,\u201d he said. \u201cEven if you have a vulnerability with different features, it could affect the core of the application.\u201d<\/span><\/p>\n

TURNING A BLIND EYE<\/b><\/p>\n

Another problem exposed by Schmidt\u2019s investigation into Kakao\u2019s vulnerabilities is the exclusion of foreign nationals from its bug bounty program.<\/span><\/p>\n

Technology companies around the world rely on open <\/span>bug bounty programs<\/span><\/a> that invite well-intentioned hackers to test their services for vulnerabilities, which the companies then fix to prevent threats from more dangerous actors.<\/span><\/p>\n

Several leading <\/span>South Korean organizations<\/span><\/a> operate similar <\/span>bug bounty programs<\/span><\/a>, but Kakao\u2019s policy of excluding foreign nationals from its rewards program appears to be an exceptional case.<\/span><\/p>\n

Kakao\u2019s exclusionary bug bounty policy will only serve to hamper the security of its services, according to Schmidt.<\/span><\/p>\n

Noting that KakaoTalk\u2019s large user base makes it an attractive target, he said less scrupulous hackers may choose to sell information about vulnerabilities on the black market, making it all the more critical that Kakao works with \u201cwhite hat hackers\u201d who report bugs to improve security.<\/span><\/p>\n

In his <\/span>correspondence<\/span><\/a> with Kakao about the vulnerabilities he discovered this year, Schmidt advised the company to open up its bug bounty program, but this feedback did not lead to any change.<\/span><\/p>\n

In response to a <\/span>Korea Pro<\/span><\/i> query, Kakao said it currently excludes foreign nationals from its bug bounty program because there are no means to check the applicants\u2019 countries\u2019 tax laws and related issues.<\/span><\/p>\n

It added that there is also a risk that foreign researchers may live in countries subject to economic sanctions, a factor that is also mentioned on Kakao\u2019s bug bounty website.<\/span><\/p>\n

\"\"

The Kakao bug bounty program restricts the rewards scheme to South Korean nationals in South Korea and abroad | Image: Kakao Bug Bounty website<\/a>, edited by Korea Pro<\/em><\/p><\/div>\n

However, by excluding foreign nationals, Schmidt and Liber told <\/span>Korea Pro<\/span><\/i> that Kakao is effectively limiting itself as well as the potential for international white hat hackers to help it.\u00a0<\/span><\/p>\n

\u201cBug bounty programs, while intended to incentivize vulnerability discovery, are increasingly becoming exploitative to researchers by imposing restrictive policies that limit researcher eligibility, such as this,\u201d Liber said.<\/span><\/p>\n

To mitigate these issues, he called for unions or collective action among bug bounty researchers to push for standardized compensation, transparency and fair treatment.<\/span><\/p>\n

PUSHING FOR IMPROVEMENT<\/b><\/p>\n

South Koreans remain heavily reliant on KakaoTalk and other homegrown technology giants, making it all the more necessary that these companies adopt a security approach that is more in line with global standards.<\/span><\/p>\n

To improve cybersecurity, Liber advised South Korean companies to adopt more inclusive bug bounty programs and offer fair compensation to all researchers without imposing \u201cradical policies\u201d to avoid payment.\u00a0<\/span><\/p>\n

He also backed the adoption of more transparent vulnerability disclosure processes and stronger collaboration with the global security community.<\/span><\/p>\n

Schmidt advised South Korean tech firms to ensure speed and transparency in their responses to security researchers and the problem-solving process to ensure that the issues are resolved as quickly as possible.<\/span><\/p>\n

Beyond a more open approach to identifying and fixing problems, Schmidt emphasized the need to build a \u201cculture of security\u201d and actively collaborate with the global cybersecurity community.<\/span><\/p>\n

\u201cIf you shut yourself down or if you close yourself, that doesn’t gain you any security,\u201d he said. \u201cBut if you interact with [white hat] hackers, you build a network that all improves your security posture.\u201d<\/span><\/p>\n

Joon Ha Park contributed reporting to this article. Edited by John Lee<\/span><\/i><\/p>\n

Business & Economy<\/span><\/a>Technology & Cyber<\/span><\/a><\/div>","protected":false},"excerpt":{"rendered":"

Millions of South Koreans rely on KakaoTalk \u2014 the country\u2019s most popular and ubiquitous messaging app \u2014 for everything from chatting with friends and family to accessing essential services. However, new research has exposed longstanding business practices that could heighten the app\u2019s vulnerabilities. These reported vulnerabilities potentially allow attackers \u2014 as well as Kakao \u2014 […]<\/p>\n","protected":false},"author":10329,"featured_media":2206573,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21],"tags":[24,29],"class_list":["post-2206572","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-analysis","tag-business-economy","tag-technology-cyber"],"yoast_head":"\nSouth Korea\u2019s ubiquitous messaging app\u2019s security gaps risk millions of users - KOREA PRO<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"South Korea\u2019s ubiquitous messaging app\u2019s security gaps risk millions of users - KOREA PRO\" \/>\n<meta property=\"og:description\" content=\"Millions of South Koreans rely on KakaoTalk \u2014 the country\u2019s most popular and ubiquitous messaging app \u2014 for everything from chatting with friends and family to accessing essential services. However, new research has exposed longstanding business practices that could heighten the app\u2019s vulnerabilities. These reported vulnerabilities potentially allow attackers \u2014 as well as Kakao \u2014 […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/\" \/>\n<meta property=\"og:site_name\" content=\"KOREA PRO\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/nknewsorg\/\" \/>\n<meta property=\"article:published_time\" content=\"2024-09-25T03:26:18+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-09-26T07:27:10+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/assets.korearisk.com\/uploads\/sites\/6\/2024\/09\/KakaoTalk-illustration.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1870\" \/>\n\t<meta property=\"og:image:height\" content=\"1000\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"shreyasreddy\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@southkoreapro\" \/>\n<meta name=\"twitter:site\" content=\"@southkoreapro\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Shreyas Reddy\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/\"},\"author\":{\"name\":\"shreyasreddy\",\"@id\":\"https:\/\/koreapro.org\/#\/schema\/person\/9f486a3a23d5f436c1e2ef999e38be73\"},\"headline\":\"South Korea\u2019s ubiquitous messaging app\u2019s security gaps risk millions of users\",\"datePublished\":\"2024-09-25T03:26:18+00:00\",\"dateModified\":\"2024-09-26T07:27:10+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/\"},\"wordCount\":1818,\"publisher\":{\"@id\":\"https:\/\/koreapro.org\/#organization\"},\"image\":{\"@id\":\"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.korearisk.com\/uploads\/sites\/6\/2024\/09\/KakaoTalk-illustration.png\",\"keywords\":[\"Business & Economy\",\"Technology & Cyber\"],\"articleSection\":[\"Analysis\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/\",\"url\":\"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/\",\"name\":\"South Korea\u2019s ubiquitous messaging app\u2019s security gaps risk millions of users - KOREA PRO\",\"isPartOf\":{\"@id\":\"https:\/\/koreapro.org\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.korearisk.com\/uploads\/sites\/6\/2024\/09\/KakaoTalk-illustration.png\",\"datePublished\":\"2024-09-25T03:26:18+00:00\",\"dateModified\":\"2024-09-26T07:27:10+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/#primaryimage\",\"url\":\"https:\/\/assets.korearisk.com\/uploads\/sites\/6\/2024\/09\/KakaoTalk-illustration.png\",\"contentUrl\":\"https:\/\/assets.korearisk.com\/uploads\/sites\/6\/2024\/09\/KakaoTalk-illustration.png\",\"width\":1870,\"height\":1000},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/koreapro.org\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"South Korea\u2019s ubiquitous messaging app\u2019s security gaps risk millions of users\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/koreapro.org\/#website\",\"url\":\"https:\/\/koreapro.org\/\",\"name\":\"KOREA PRO\",\"description\":\"Be smart about South Korea. Up-to-date analysis on foreign relations, politics, society and economy. Made by the producers of NK PRO and NK News.\",\"publisher\":{\"@id\":\"https:\/\/koreapro.org\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/koreapro.org\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/koreapro.org\/#organization\",\"name\":\"KOREA PRO\",\"url\":\"https:\/\/koreapro.org\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/koreapro.org\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/koreapro.org\/wp-content\/uploads\/sites\/6\/2022\/11\/logo.png\",\"contentUrl\":\"https:\/\/koreapro.org\/wp-content\/uploads\/sites\/6\/2022\/11\/logo.png\",\"width\":360,\"height\":50,\"caption\":\"KOREA PRO\"},\"image\":{\"@id\":\"https:\/\/koreapro.org\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/nknewsorg\/\",\"https:\/\/x.com\/southkoreapro\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"South Korea\u2019s ubiquitous messaging app\u2019s security gaps risk millions of users - KOREA PRO","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/","og_locale":"en_US","og_type":"article","og_title":"South Korea\u2019s ubiquitous messaging app\u2019s security gaps risk millions of users - KOREA PRO","og_description":"Millions of South Koreans rely on KakaoTalk \u2014 the country\u2019s most popular and ubiquitous messaging app \u2014 for everything from chatting with friends and family to accessing essential services. However, new research has exposed longstanding business practices that could heighten the app\u2019s vulnerabilities. These reported vulnerabilities potentially allow attackers \u2014 as well as Kakao \u2014 […]","og_url":"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/","og_site_name":"KOREA PRO","article_publisher":"https:\/\/www.facebook.com\/nknewsorg\/","article_published_time":"2024-09-25T03:26:18+00:00","article_modified_time":"2024-09-26T07:27:10+00:00","og_image":[{"width":1870,"height":1000,"url":"https:\/\/assets.korearisk.com\/uploads\/sites\/6\/2024\/09\/KakaoTalk-illustration.png","type":"image\/png"}],"author":"shreyasreddy","twitter_card":"summary_large_image","twitter_creator":"@southkoreapro","twitter_site":"@southkoreapro","twitter_misc":{"Written by":"Shreyas Reddy","Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/#article","isPartOf":{"@id":"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/"},"author":{"name":"shreyasreddy","@id":"https:\/\/koreapro.org\/#\/schema\/person\/9f486a3a23d5f436c1e2ef999e38be73"},"headline":"South Korea\u2019s ubiquitous messaging app\u2019s security gaps risk millions of users","datePublished":"2024-09-25T03:26:18+00:00","dateModified":"2024-09-26T07:27:10+00:00","mainEntityOfPage":{"@id":"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/"},"wordCount":1818,"publisher":{"@id":"https:\/\/koreapro.org\/#organization"},"image":{"@id":"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.korearisk.com\/uploads\/sites\/6\/2024\/09\/KakaoTalk-illustration.png","keywords":["Business & Economy","Technology & Cyber"],"articleSection":["Analysis"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/","url":"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/","name":"South Korea\u2019s ubiquitous messaging app\u2019s security gaps risk millions of users - KOREA PRO","isPartOf":{"@id":"https:\/\/koreapro.org\/#website"},"primaryImageOfPage":{"@id":"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/#primaryimage"},"image":{"@id":"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.korearisk.com\/uploads\/sites\/6\/2024\/09\/KakaoTalk-illustration.png","datePublished":"2024-09-25T03:26:18+00:00","dateModified":"2024-09-26T07:27:10+00:00","breadcrumb":{"@id":"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/#primaryimage","url":"https:\/\/assets.korearisk.com\/uploads\/sites\/6\/2024\/09\/KakaoTalk-illustration.png","contentUrl":"https:\/\/assets.korearisk.com\/uploads\/sites\/6\/2024\/09\/KakaoTalk-illustration.png","width":1870,"height":1000},{"@type":"BreadcrumbList","@id":"https:\/\/koreapro.org\/2024\/09\/south-koreas-ubiquitous-messaging-apps-security-gaps-risk-millions-of-users\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/koreapro.org\/"},{"@type":"ListItem","position":2,"name":"South Korea\u2019s ubiquitous messaging app\u2019s security gaps risk millions of users"}]},{"@type":"WebSite","@id":"https:\/\/koreapro.org\/#website","url":"https:\/\/koreapro.org\/","name":"KOREA PRO","description":"Be smart about South Korea. Up-to-date analysis on foreign relations, politics, society and economy. Made by the producers of NK PRO and NK News.","publisher":{"@id":"https:\/\/koreapro.org\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/koreapro.org\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/koreapro.org\/#organization","name":"KOREA PRO","url":"https:\/\/koreapro.org\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/koreapro.org\/#\/schema\/logo\/image\/","url":"https:\/\/koreapro.org\/wp-content\/uploads\/sites\/6\/2022\/11\/logo.png","contentUrl":"https:\/\/koreapro.org\/wp-content\/uploads\/sites\/6\/2022\/11\/logo.png","width":360,"height":50,"caption":"KOREA PRO"},"image":{"@id":"https:\/\/koreapro.org\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/nknewsorg\/","https:\/\/x.com\/southkoreapro"]}]}},"_links":{"self":[{"href":"https:\/\/koreapro.org\/wp-json\/wp\/v2\/posts\/2206572"}],"collection":[{"href":"https:\/\/koreapro.org\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/koreapro.org\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/koreapro.org\/wp-json\/wp\/v2\/users\/10329"}],"replies":[{"embeddable":true,"href":"https:\/\/koreapro.org\/wp-json\/wp\/v2\/comments?post=2206572"}],"version-history":[{"count":4,"href":"https:\/\/koreapro.org\/wp-json\/wp\/v2\/posts\/2206572\/revisions"}],"predecessor-version":[{"id":2206599,"href":"https:\/\/koreapro.org\/wp-json\/wp\/v2\/posts\/2206572\/revisions\/2206599"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/koreapro.org\/wp-json\/wp\/v2\/media\/2206573"}],"wp:attachment":[{"href":"https:\/\/koreapro.org\/wp-json\/wp\/v2\/media?parent=2206572"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/koreapro.org\/wp-json\/wp\/v2\/categories?post=2206572"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/koreapro.org\/wp-json\/wp\/v2\/tags?post=2206572"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}