Popular call-blocking App Truecaller has rushed out a repair after a security flaw was identified through an researching firm, exposing user information in addition to system and location details.
The research developed a POC demonstrating a “malicious connection” may be injected in place of a profile image to possibly target strikes on other users clicking on profile.
An attack may be implemented with almost any user knowledge.
Truecaller confirmed the difficulty explaining, “It was lately brought to our attention that there was a little bug in our program services that let the alteration of a person’s own profile within an accidental manner. The flaw was instantly fixed.”
The fix was implemented into the core APIs inside the system itself, nevertheless, all users make sure that App is updated to the latest version.
Truecaller was created in Sweden to handle the battle of SPAM calls and viewing unknown phone numbers.
The platform can be obtained globally but is particularly common in India, in which the company states it’s come to be the popular communication tool following the social networking giants.
India-based researcher Ehraz Ahmed found the flaw, exposing it to local press along with the organization and waiting for a repair before going public.
The consumer seeing the attacker’s profile search or via a popup becomes tapped.”
Ahmed has said the flaw can be used to mount significant strikes on target devices, truecaller doesn’t seems to be serious about its security, previously there are news of security flaws of Truecaller many times.