Truecaller bug could expose the personal details of over 100,000,000 users
Security researchers from Cheetah Mobile have discovered a privacy flaw in Truecaller – the world’s largest caller ID app – that puts the personal information of over a hundred million users in danger. As Cheetah Mobile explains in its report, Truecaller uses a devices’ IMEI number to assign identities to its users, which means that anyone with access to a device’s IMEI could tamper with your personal information without explicit consent. By exploiting this defect, attackers can steal and alter details such as “account name, gender, e-mail, profile pic, home address”. Additionally, hackers can also modify application settings, disable spam blockers and edit (or delete) users’ blacklists. Truecaller has since quickly flagged and…
This story continues at The Next Web