Severe Security Flaw Found in DeepSec iOS App

Cybersecurity firm NowSecure has discovered a serious security flaw in the DeepSec chatbot app for iPhone and iPad. According to the company, DeepSec’s iOS app exchanges various information about users and their devices online without any encryption. As a result, users of DeepSec chatbot on iPhone and iPad are at risk of security.

NowSecure said that DeepSec chatbots do not follow the highest security standards and have shortcomings in protecting their users’ data. The DeepSec app, developed for iOS, sends app registration and important device information directly to the internet, which is not protected by any encryption method. The app’s encryption system also has several serious flaws. Due to these flaws, cybercriminals can easily learn user information.

In the case of iOS apps, App Transport Security (ATS) is an important security mechanism that prevents sensitive data from being sent without encryption. But in the iOS version of DeepSec, this security mechanism has been completely disabled. As a result, users’ information is at risk. With ATS disabled, the DeepSec app can easily send data over the internet without encryption, and that is what is happening now.

Recently, the Associated Press reported that DeepSec is sending users’ login information to China Mobile, the Chinese state-owned telecom company. As a result, there are concerns that DeepSec could leak users’ personal information to China.