The invite-only iOS app faced a security breach as the audio chats were hacked and released on a third-party website over the weekend.
The clubhouse is an upcoming trending app that has garnered immense popularity in the last couple of months. Celebrities like Elon Musk and Facebook CEO Mark Zuckerberg have also made a presence on Clubhouse.
Probably due to its growing attention, the app was recently hacked, and audio chats from various “rooms” were breached. The incident came into light a week after the app ensured its users of safety and protection from malicious eyes. The spokeswoman for Clubhouse, Reema Bahnasy, said, “ An unidentified user was able to stream Clubhouse audio feeds this weekend from “multiple rooms” into their own third-party website.” The company further stated that the accused hacker is permanently banned.
However, the director of Stanford Internet Observatory and former Facebook security chief, Alex Stamos, said that Clubhouse users should “assume” all conversations are being recorded.
Here’s what exactly happened
The culprit built a system using the JavaScript tools that were used to compile the app, Clubhouse. Through which the hacker could improvise the app and access users’ audio chats. Regarding the breach, Reema Bahnasy admitted that the app had taken “safeguards,” to which Stamos said, “Clubhouse cannot provide any privacy promises for conversations held anywhere around the world.”
The SIO released a report into the app on February 12, stating that the User data might be accessible to china’s government. A Shanghai-based start-up, Agora provides the back-end infrastructure and audio production, and data traffic processing. This information was traced by SIO researchers who stated that Agora would likely have access to users’ raw audio, potentially providing access to the Chinese government. The researcher quoted an SEC filing in which the company admitted that it was required to aid the Chinese government in national security and criminal investigations. The SIO clarified, “Conversations about the Tiananmen protests, Xinjiang camps, or Hong Kong protests could qualify as criminal activity.”
However, Agora said in a report to Bloomberg that “it cannot comment on Clubhouse’s security or privacy protocols, but we are committed to making our products as secure as we can.”
Jack Cable, a researcher at SIO, stated that the app would likely add restrictions on how many rooms a user can enter at once and the inclusion of third-party apps into the chat rooms to prevent future mishaps.
Clubhouse has over 2 million users as of 1 February 2021. The hike in users was seen especially after Elon musk hosted a podcast with Robinhood CEO Vlad Tenev.
Currently, the apps function on an invite-only policy; however, Paul Davidson, CEO of Clubhouse, plans to make it accessible to all users soon.