Truecaller Fixes Flaw in Android App That Exposed Data of Millions of Users

Advertisement
By Gadgets 360 Staff | Updated: 29 March 2016 17:02 IST
Truecaller Fixes Flaw in Android App That Exposed Data of Millions of Users

Truecaller says it has fixed a flaw in its Android app which potentially allowed attacker to retrieve personal information of users and change these details without a user's consent. Security researchers at Cheetah Mobile Security Research Lab detailed this vulnerability.

The flaw only existed in Truecaller's Android client, and according to the company, it has been resolved with an update. To recall, Truecaller in November last year said it had 200 million users across its Android, iOS, and Windows Phone apps.

Truecaller on Monday announced the availability of an update to its Android app that fixes the security flaw. Researchers at Cheetah Mobile firm reported on Monday that Truecaller utilises IMEI number to identify a person. In a proof-of-concept code the firm shared with Softpedia, researchers were able to retrieve the personal details of users by "interacting with the app's servers." The security firm added that up to 100 million users of the Android app are affected.

Advertisement

"This vulnerability allows anyone to steal Truecaller users' sensitive information, potentially opening doors for attackers. Overall, more than 100 Million Android users who have downloaded this app on their smartphones are in danger," security researchers wrote in a blog post. "By exploiting this flaw, the attackers can: Steal personal information like account name, gender, e-mail, profile pic, home address, etc, and modify a user's application settings."

(Also see: How to Remove Your Number From Truecaller)

Truecaller has acknowledged the bug. In a blog post, the company, whose app helps users find information about the caller and block telemarketers, wrote, "We recently found an issue where some user defined information can be retrieved or changed without the original user's consent, if a third person knows the IMEI number of the original person's device. "

Advertisement

At this point, it's likely that there is no exploit in the wild. To ensure you're secure however, ensure you have updated Truecaller to the latest available version.

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Advertisement

Related Stories

Popular Mobile Brands
  1. Starlink to Launch in India With Rs. 33,000 Setup Kit, Unlimited Plans
  2. Google Releases Android 16 for Pixel Devices With These New Features
  1. Top Smartphones Under Rs 30,000 in India (June 2025): Nothing Phone 3a Pro, Motorola Edge 60 Pro, Poco X7 Pro
  2. Over 4,300 Koalas Found in Newcastle’s Fringe Forests by Drone Survey
  3. Zoom Expands Phone Service to Six Telecom Circles, Zoom Contact Centre Launched in India
  4. NASA F-15 Flights Validate Supersonic Tools for X-59 Quiet Flight Quesst Mission
  5. NASA’s Chandra Spots Unexpectedly Strong Jet from Distant Black Hole at Cosmic Noon
  6. Shubhanshu Shukla’s Axiom-4 Spaceflight Postponed Following Oxygen Leak in Falcon 9 Booster
  7. Giada In My Kitchen OTT Release Date: When and Where to Watch Giada De Laurentiis Makeover Special
  8. Too Much OTT Release Date: When and Where to Watch Upcoming Rom-Com Online?
  9. Alappuzha Gymkhana OTT Release Date: When and Where to Watch Malayalam Comedy Drama Online?
  10. Ballard OTT Release Date: When and Where to Watch Crime Thriller Series Online?
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.