A security flaw that recently surfaced within the popular enterprise chat platform Slack has been resolved.
The vulnerability, which was originally spotted and reported by Frans RosĂ©n of the cybersecurity firm Detectify, allowed hackers to steal usersâ Slack tokens by tricking them into opening a malicious page. After alerting Slack to the problem, RosĂ©n wrote about the bug in a blog post.
RosĂ©n reportedly suspected the flaw when a glitch in the desktop app allowed him to hang up other peopleâs calls. In addition, he uncovered a second flaw in the code which allowed him to intercept messages being sent to the main application.
The bug was reportedly resolved five hours later, which earned RosĂ©n $3,000 from the companyâs bug bounty.
Slack is a Vancouver-originated enterprise communications company that was founded in 2009 by Stewart Butterfield, Eric Costello, Cal Henderson, and Serguei Mourachov.
This article was originally published on MobileSyrup