1. Mobile

TrueCaller patches exploit that left millions of Android users vulnerable

By

truecaller exploit patched
It seems as though every other day, there’s some kind of potential threat to an Android user’s security. Another security exploit was recently uncovered, but this time it’s related to a dialer app called TrueCaller.

While it’s not malware-related, installing TrueCaller could have left you susceptible to malicious hackers. Cheetah Mobile’s Security Research Lab found a loophole in the app that would have allowed anyone to gain access to TrueCaller user’s private information. TrueCaller used a smartphone’s IMEI number as the identity label of its users.

TrueCaller tells you who’s calling. It does so by identifying numbers, and matching them with ones marked by users. You can mark numbers as spam to make the service better and more reliable. As it crowd-sources its data, TrueCaller users have accounts with their name, phone number, home address, gender, and more — it’s this data that was available to malicious hackers through the app’s loophole.

If someone managed to get hold of your IMEI number, they could go to TrueCaller’s website and access all of that information in your account, and even modify it — potentially lifting spam blocks so those calls can make it through again.

Thankfully, TrueCaller has patched the issue, and you should download the latest update through the Google Play store to make sure you’re safe. The company says no user information was compromised.

“We recently found an issue where some user defined information can be retrieved or changed without the original user’s consent, if a third person knows the IMEI number of the original person’s device,” according to the blog post. “We’ve quickly taken steps to fix this issue and have released an update which we strongly suggest all users upgrade to.”

What makes it scary is that more than 100 million Android users who have downloaded the app were vulnerable, and likely more as TrueCaller has been making its way to Cyanogen OS, in phones like Wileyfox, and Blu devices. TrueCaller is also available for Windows, and iOS, but it looks like the app on those operating systems were not affected.

Editors' Recommendations

The best calendar apps for Android and iOS

best calendar apps

How to know if you’re actually getting Dolby Atmos sound

pioneer elite dolby atmos enabled speaker system review insitutoplogo

The best true wireless earbuds 2021: Which should you buy on Black Friday?

Jabra Elite 7 Pro.

The best Android smartwatches for 2021

mobvoi ticwatch pro news wrist suit

With Tesla bleeding money, Elon Musk initiates hardcore spending review

Tesla Model Y front

Tesla receives massive Model 3 order from car-rental giant Hertz

cheapest electric cars tesla model 3 performance red motion

Don’t wait until Black Friday to buy a Dell XPS 13 laptop

Person sitting and holding Dell XPS 13 laptop on their lap.

Disney+ Free Trial: Can you sign up without paying a dime?

Disney+

Amazon’s Black Friday Audible deal just started — Save 46% today!

amazon offers 30 off annual audible deal with 099 echo dot 1

Amazon is practically giving away this 65-inch QLED 4K TV today

TCL 8-Series 4K QLED Roku TV

More Amazon Black Friday deals just went live — Here’s what’s new

couple con amazon out of tech goods boxes

Palm takes a shot at the AirPods Pro with $129 Palm Buds Pro

Palm Buds Pro.

Dell’s second Black Friday flash sale just started — what to buy now

dell xps 13 9310 specs price release date 02