Hmm.. PathWebsite... no related.. no official.. indeed suspicious

Oh wow, it’s fake and suspicious…

Last Monday, roaming around at my office, some of my colleague showed me a website that really have a similar look with Path.com and also exact Path logo on the website, web layout is pretty neat too, some of my friend even says that PathWebsite is for exclusive path users only. I dunno how PathWebsite team could tricked people with such way.

Screen Shot 2014-05-20 at 11.57.05 AM

After you logged in to the website, surprisingly you will see your own path timeline… hmm dunno how they did it, AFAIK as a developer who want to have their app connected to Path Api services, they should have had officially partnered with Path.com such as NikeRun and Wordpress. The illegal way accessing Path data is by “byPass”-ing Path server with own user credential. It’s mean that Path has a hole on their server which let some people hacking to get user data without Path offical Api.

https://twitter.com/PathService/status/463738769946857472

My suggestion for you who had registered your account on that site is to change your credential immediately, at least that is what you can do for now.
Just hope that they don’t do anything illegal with your credential.

Khalid Adisendjaja

Internet tech wanderer. Networking enthusiast. Radio Announcer. Casual Gamer. OpenSource Fans. Information Junkies. My tweet is my own.

Jakarta, Indonesia http://khal.web.id