News

Leak in Truecaller app gave access to data of millions of Android users

By admin
Spread the love

The Android version of the popular app Truecaller gave access to its users’ data. The app, which makes it possible to identify incoming calls, among other things, has been downloaded more than a hundred million times for that platform. A patch has since been released.

According to security researchers at Cheetah Mobile, the vulnerability allows an attacker to access information such as name, gender, email address and home address via the user’s imei number. An attacker can also change settings, such as disabling spam blocks and modifying the block list. Truecaller reports that malicious parties have not exploited the vulnerability.

The vulnerability stems from the fact that Truecaller uses the imei number of a mobile phone to identify users. This would allow any attacker in possession of that number to request the data. It is not described which technique could be used for this. Retrieving an imei number is possible, for example, through the use of other malware. The Truecaller leak can thus establish a connection between that number and a user.

The developers of the app released a patch on March 22, the new version is available through the Play Store. It is therefore recommended that users perform an update. The researchers have informed Softpedia that they are still investigating whether there is also a vulnerability in the iOS version of the app.

You might also like
News

Rumor: Apple is working on its own applications based on a large language model

News

EU Council determines position on security requirements for digital products

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Sony and Microsoft sign agreement to keep Call of Duty on PlayStation

News

Valve releases major Team Fortress 2 update with community maps and new taunts

News

Meta announces Roblox for Quest headsets

Exit mobile version