Elain Brown Tech 07.26.2022 04:Jul AM EDT

Anti-Vax Dating Site Unjected Exposes Data of 3,500 Users

A dating app for anti-vax site people has recently become the target of a data breach.

The hacking incident caused significant damage and resulted in the exposure of data from 3,500 users.

The dating site called "Unjected" is a popular app across the country that caters to a very specific niche of people: the unvaccinated population.

Unjected has a user base that became popular during the beginning of the pandemic. The app is designed with the purpose of dating, but only dating and gathering like-minded people to come together.

Anti-Vax Dating Site

The Anti-vax dating site, Unjected, is a platform where people who are against the COVID-19 vaccine gather to interact with one another.

Unfortunately, the website lacked the precautionary measures to ensure the safety of its platform and its users.

The site exposed important information and made it possible for virtually anyone to become a site administrator.

According to DailyDot, the "Unjected" website was designed from the ground up to have the administrator dashboard completely open to the public at all times.

An administrator has the ability to access user information for any member of the site using this dashboard, such as addresses, date of birth, and email addresses.

The platform's vulnerability was detected by a security researcher named GeopJr. The researcher discovered that the website enabled the debug mode.

An application that has been successfully deployed should never have its debug mode enabled by default since it contains a unique collection of capabilities that are only intended for usage by software developers while they are working on the app.

Taking advantage of this feature will allow any user to make changes to the website, such as offering a free subscription, deleting data, adding and removing pages, and many more.

It is estimated that there are approximately 3,500 users on the site at the moment, which means that every single one of those individuals is at risk.

GeopJr stated to DailyDot, "Almost none of the actions an admin or a user can take require any kind of authentication whatsoever." He added, "Anyone can directly manipulate parts of its database and its content."

The Anti-Vax App

The Unjected app may not yet have an enormous user base, but the platform also aims to spread its influence and build its presence in the unvaccinated community.

According to The Verge, this anti-vax dating site is more than just about dating. They have also catered to the needs of other people and expanded their services.

Now, users can offer their breast milk, eggs, and semen for donation. There is also a blood bank. Users can also register for a "blood bank" by providing their location and blood type on a different portion of the website.

They brand the blood and fertility section of the website as "mRNA-free," which is a molecule found in the Moderna and Pfizer COVID-19 vaccines.

After the Unjected app was removed from the Apple App Store in August 2021 for breaking Apple's COVID-19 content restrictions, the Unjected website has since become one of the project's primary gateways.

Android users can still download the app, though, as it is still available on the Google Play store, where it has received more than 10,000 downloads and has received reviews with an average rating of 2.5 stars.

Furthermore, Shelby Thomson, one of the co-founders of Unjected, stated that she notified her technical team and immediately began the process of addressing the vulnerabilities found on the platform.