A popular Twitter alternative app Hive has taken all its servers offline for at least a couple of days (72 hours) after security researchers reported multiple critical security vulnerabilities to the Hive team.
The security researcher from the Zerforschung, a German research team, had found the flaws in the Hive app which would allow attackers access to all data, including private posts and messages, shared media, and even deleted direct messages, as well as the ability to edit other people’s Hive posts.
Zerforschung privately reported the issue to the Hive team, and the app team started immediately started to work on fixing it. But it was later found that the issues were not fixed at all and they were not receiving a proper response from the Hive team. Therefore, the researchers took the issue publicly in a blog post and a tweet to deal with it.
After the researcher took their concerns to the public, warning people against using Hive’s app, Hive announced that the company is temporarily shutting down its servers to address these problems.
Hi everyone!🐝— Hive (@TheHIVE_Social) December 1, 2022
The Hive team has become aware of security issues that affect the stability of our application and the safety of our users. Fixing these issues will require temporarily turning off our servers for a couple of days while we fix this for a better and safer experience pic.twitter.com/wOgW7ga9xN
Later company replied to one user who want to join Hive, saying, the team [Hive] is working on fixing the security issues but it is taking time to fix them all.
Several tweets from the Hive team speak that they are working on a fix and will get back soon.
Once all security issues are fixed, the server will be back online. We weren’t able to fix them as fast as we hoped so we appreciate your patience through this pause! 🥲🐝🌈 https://t.co/mNEkmermQY— Hive (@TheHIVE_Social) December 1, 2022
The founder of Hive, Kassandra Pop mentioned that they are planning to hire more employees who will deal with the issues of the application. The company tweeted again that, “Lots of things happening in the background, so short answer-yes.” A portion of the problem might be less members in the team and a rapid growth in user base.