{"id":205645,"date":"2016-04-10T13:28:27","date_gmt":"2016-04-10T13:28:27","guid":{"rendered":"http:\/\/4cd.e16.myftpupload.com\/?p=205645"},"modified":"2016-04-10T13:28:27","modified_gmt":"2016-04-10T13:28:27","slug":"flaw-in-truecaller-android-app-exposes-millions-to-hacks","status":"publish","type":"post","link":"https:\/\/citifmonline.com\/2016\/04\/flaw-in-truecaller-android-app-exposes-millions-to-hacks\/","title":{"rendered":"Flaw in Truecaller Android app exposes millions to hacks"},"content":{"rendered":"
This vulnerability, which has been fixed in the latest Android update, could have allowed anyone to potentially gain access to Truecaller users\u2019 information and change their call blocking settings. The millions of Android users who downloaded this app on their smartphones could be in danger.<\/p>\n
The CM Security Research Lab recommends that Truecaller Android users update to the latest version on Google Play immediately.<\/p>\n
The researcher found that Truecaller uses devices\u2019 IMEI as the only identity label of its users. Meaning that anyone gaining the IMEI of a device will be able to get Truecaller users\u2019 personal information (including phone number, home address, mail box, gender, etc.) and tamper app settings without users\u2019 consent, exposing them to malicious phishers.<\/p>\n
<\/p>\n
By exploiting this flaw, the attackers can:<\/p>\n
Steal personal information like account name, gender, e-mail, profile pic, home address, etc.<\/p>\n<\/li>\n
Modify a user\u2019s application settings:<\/p>\n<\/li>\n
Disable spam blockers<\/p>\n<\/li>\n
Add to a black list for users<\/p>\n<\/li>\n
Delete a user\u2019s blacklist<\/p>\n<\/li>\n<\/ul>\n
<\/p>\n
The Cheetah Mobile Security Research Team notified the developer of Truecaller about this vulnerability as soon as they discovered the loophole and offered all it could to help the developer fix the issue. Now the maker of Truecaller has addressed the issue and released an update on March 22nd.<\/p>\n
Although the flaw has been fixed in the latest version, the majority of the users are still in danger as they have not got access to the new release yet. The CM Security Research Lab advises Truecaller users to upgrade this app to the latest version as soon as possible.<\/p>\n
–<\/p>\n
Source: Cheetah Mobile<\/p>\n","protected":false},"excerpt":{"rendered":"
This vulnerability, which has been fixed in the latest Android update, could have allowed anyone to potentially gain access to Truecaller users\u2019 information and change their call blocking settings. The millions of Android users who downloaded this app on their smartphones could be in danger. The CM Security Research Lab recommends that Truecaller Android users […]<\/p>\n","protected":false},"author":14,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[106],"tags":[],"yoast_head":"\n