Houseparty hacking accounts? What's really in it - a research
A COLUMN of David Wurm 
on April 22, 2020, 20:51 am | Write a comment | Note: Column - More
There are currently harsh allegations against the Houseparty app. The video chat app for Android and iOS is said to hack user accounts and access bank details. At least that's what thousands of accounts post on Twitter. Is your account at risk? TechnikNews researched what's behind it.
Like Zoom, Houseparty is certainly one of the winners in this Corona crisis. Since we should currently only meet our contacts via the Internet, using a video chat app is a good choice. Numerous users on the Internet are currently hearing that the app is dangerous. A few blogs have also posted that the app is dangerous. On the other hand, some claim that there is nothing behind it. I got to the bottom of the matter and have together with TechnikNews Editor Lars spent a few weeks looking for evidence, researching it and combing the net.
Jump to section
Basics first: what is house party?
If you know Houseparty, feel free to keep scrolling. For those who don't know, we'll briefly clarify at this point what the app actually is. Houseparty is an app for Android and iOS. In addition, it can also be used in the Chrome browser on the computer with an extension. Basically, it is a video chat app, comparable to Skype or other apps that exist in this field. At Houseparty you can chat with up to seven friends in so-called rooms. Here, too, a user name, together with an e-mail address and a password, is required to use the app.
The app has existed since 2015 and was bought by Epic Games in mid-2019 - the development team behind it Fortnite plugged. So far, Houseparty has not been well known in this country - due to the Corona crisis, the app has now climbed the leaderboards in the App Store and made it to number 1. To date, the app has over 10 million installations in the Google Play Store.
What's this Proproblem with house party?
Many users claim on Twitter, YouTube and sometimes also on Instagram that the Houseparty app hacked their accounts. Spotify, Amazon, Disney+ and Uber accounts were given as examples of attack targets. In addition, there should also have been attempts to log into Amazon accounts or bank details should have been tapped. In the case of one user, the Facebook account is said to have been affected.
Screenshot: TechnikNews
Despite the changed password and email address, the hacker is said to have been able to get into the Spotify account, the user writes on Twitter. Directly below, another user writes that her Fitbit account and Spotify account have been stolen. We got a little suspicious and so we researched further. We spotted a tweet from a supposedly concerned user on March 30th. She deleted her Houseparty account to be safe now.
Screenshot: TechnikNews
That's not all, we find numerous other accounts posting about their bad experiences. Below you can see screenshots of alleged login attempts on Amazon, Uber and Spotify. There is even a screenshot of an alleged third-party debit from a bank account. Let's see:
-
- Screenshot: TechnikNews
-
- Screenshot: TechnikNews
-
- Screenshot: TechnikNews
-
- Screenshot: TechnikNews
-
- Screenshot: TechnikNews
Are these screenshots real?
We tried to reproduce these screenshots ourselves. In fact, Amazon, Spotify, Uber and Disney+ send such messages if you want to log in from another device or have logged in from there. So these screenshots can be real - even if that doesn't prove whether Houseparty is really behind it. So we were unsure again and continued to research this topic. So we wanted to know directly from the affected users why exactly Houseparty should be to blame for these incidents.
Unfortunately, none of the accounts responded to our direct message requests, nor did we receive a response directly below the respective Twitter post.
