Truecaller’s Guardians Application leaking live location details

Truecaller's Guardians Blogs | IEMLabs

The ‘Guardians’ application launched by caller identification company Truecaller can be very harmful as it is possible for a potential attacker to login into a victim’s account by just using their phone number with the help of the application.

Truecaller is a smartphone application that has features of caller-identification, call-blocking, flash-messaging, call-recording, Chat & Voice by using the internet. It requires users to provide a standard cellular mobile number for registering with the service. The Guardian application was launched by the company on March 3 and currently has over 100,000 downloads on Play Store. The application includes an emergency button that notifies his or her selected contacts such as family members, with their real-time location details at the tap of a button during a crisis.

But, the founder of cybersecurity startup Pingsafe, Anand  Prakash detected that it is possible for a potential attacker to login into a victim’s account by just using their phone number. Following this, the attacker was able to take full control over the account and data associated with it, including the live locations of the guardians or emergency contacts, the victim’s date of birth and profile picture he said.

However, the issue was resolved by Truecaller on March 4 soon after the company was reported about the flaw. The spokesperson for Truecaller confirmed that the vulnerability was possible due to a basic API error and they are trying their best to arrange for proper security and improvements in the Guardians application.

By Hrithik Lall

IEMLabs is an ISO 27001:2013 and ISO 9001:2015 certified company, we are also a proud member of EC Council, NASSCOM, Data Security Council of India (DSCI), Indian Chamber of Commerce (ICC), U.S. Chamber of Commerce, and Confederation of Indian Industry (CII). The company was established in 2016 with a vision in mind to provide Cyber Security to the digital world and make them Hack Proof. The question is why are we suddenly talking about Cyber Security and all this stuff? With the development of technology, more and more companies are shifting their business to Digital World which is resulting in the increase in Cyber Crimes.

Leave a comment

Your email address will not be published.

This site is under maintenance,
some features might not work!!!