Tech

Everyone Who Uses Yik Yak Needs To Update Immediately

A security flaw could expose all of your private messages to hackers.
TO GO WITH AFP STORY by Rob LEVER, US-IT-Internet-teen-trend A March 28, 2014 photo illustration shows websites for several anonymous social networking apps in Washington, DC. When a new social app Yik Yak swept into Auburn University, some of the coolest kids started posting comments on it. But no one knows who is making the comments, because the posts are anonymous. 'It spread pretty fast,' says Nickolaus Hines, a junior at the Alabama university. 'The majority of things are jokes or things which are obviously funny.' But Hines added that 'some of the things are pretty mean,' and that 'the ones about girls get taken off if the girls see them.' Yik Yak, which allows users to see posts in a radius up to eight kiolometers (five miles) is part of a flurry of new apps which offer new ways to interact anonymously in social networks. AFP PHOTO/Mandel NGAN (Photo credit should read MANDEL NGAN/AFP/Getty Images)
TO GO WITH AFP STORY by Rob LEVER, US-IT-Internet-teen-trend A March 28, 2014 photo illustration shows websites for several anonymous social networking apps in Washington, DC. When a new social app Yik Yak swept into Auburn University, some of the coolest kids started posting comments on it. But no one knows who is making the comments, because the posts are anonymous. 'It spread pretty fast,' says Nickolaus Hines, a junior at the Alabama university. 'The majority of things are jokes or things which are obviously funny.' But Hines added that 'some of the things are pretty mean,' and that 'the ones about girls get taken off if the girls see them.' Yik Yak, which allows users to see posts in a radius up to eight kiolometers (five miles) is part of a flurry of new apps which offer new ways to interact anonymously in social networks. AFP PHOTO/Mandel NGAN (Photo credit should read MANDEL NGAN/AFP/Getty Images)

Controversial bulletin-board app Yik Yak has reportedly fixed a bug that could have let hackers take control of users' accounts and wreck their anonymity.

The app, popular with college and high-school students, lets users post anonymous messages. The flaw, which was discovered by SilverSky Labs, an organization that specializes in cloud security, makes it possible for hackers to find user IDs, which is all they need to take control of an account.

There's an easy way to avoid being hacked, though: Just update the Yik Yak app on your phone. SilverSky says it told Yik Yak about the problem on December 2, prompting an update the next day that closed the loophole.

The exploit was discovered by Sanford Moskowitz, a security research intern at SilverSky. Moskowitz wrote that the hack requires an attacker and a target to be on a shared WiFi network -- something that happens a lot on college and high-school campuses.

Yik Yak did not respond to a request for comment.

The app has come under fire in the past for letting young people post anonymous, negative messages about their peers. In a November blog post for The Huffington Post, student writer Fernando Hurtado wrote that the app's format -- "anonymous" messages posted publicly according to location -- has often served as a conduit for racism, insensitivity and violent threats.