A proof of concept demonstrating how to use the Hinge dating app as a C2.

Hacker News is a community-driven platform for sharing and discussing technology news, startups, and programming-related topics. Through user submissions and comments, Hacker News offers insights into emerging technology trends, industry developments, and entrepreneurial ventures. Readers can participate in discussions, share their insights, and stay informed about the latest advancements in technology and innovation.

Hacker News

A proof of concept demonstrates using the Hinge dating app as a command and control server by encoding binary payloads into images uploaded to profiles. The technique exploits publicly accessible Hinge profile photos and an undocumented API, requiring Android app patching to bypass certificate pinning via network security config modification. The implementation uses visual encoding to embed executables in images, retrieves them via API calls with specific headers, and decodes them back to working binaries.

Using Hinge as a Command & Control Server