Do you use the Truecaller service to identify unknown calls ? Truecaller is the most commonly used application available for Android, iOS and windows phones to identify the unknown calls and messages. There are so many posts regarding the privacy and other details here we are going to discuss about a security issue Truecaller had and what you should do to fix it.
CheetahMobile recently found a serious loophole in the Truecaller, which allows hackers to access user’s sensitive details, opening back doors of the system for attackers.
The researcher found that Truecaller uses devices’ IMEI as the only identity label of its users. Meaning that anyone gaining the IMEI of a device will be able to get Truecaller users’ personal information (including phone number, home address, mail box, gender, etc.) and tamper app settings without users’ consent, exposing them to malicious phishers. Attackers can also change the application settings, edit black list, and more.
You can read more about it here.
Truecaller reports that they have fixed the issue and have not found any suspicious activities so far. The fix is already rolled out, so if you have not updated your Truecaller application recently you may be in danger. Update your application now itself.