True Caller and CM Security leak billions of mobile phone numbers

Smart Phone Security applications which assure to offer user protection against unwanted incoming calls are now proving as a major security threat to their users. As per the latest security alert issued by Hong Kong Based news agency Factwire, these companies are spilling phone address books of their respective users to publicly accessible databases.

Noted Hong Kong leader Leung Chun Ying and Carrie Lam Cheng were surprised to know that their contact details were available on the internet via TrueCaller application which was being used by them on their respective phones.

CM Security and Sync.Me were also seen sharing data of their users with some private databases which were accessible to hackers and other only online cyber criminals.

Factwire’s probe found that more than 60 out of 70 lawmaker’s details were freely available to hackers on a publicly available database. Those include Legislative Council President Andrew Leung Kwan Yuen, Tan King which is a former police commissioner, film director Alfred Cheung Kin Ting, Actress Liza Wang Ming Chun and Television host Natalis Chan Pak Cheung.

As per the latest news feed from Factwire the data spill is not limited to those residing in Hong Kong but is also spread around the world.

Factwire’s research proved that anyone inputting data in a “reverse look-up feature” can trace the details of billions of phone number holders. And the names of these holders are also available to those who have a premium account on the website.

Generally, applications allow users to share their phone book addresses when their products are downloaded from Google or Apple iStore. In this process, even the names of those phone number holders are spilled to the apps. Although most of the companies say that they do not share their data with other companies, they might be technically doing it in other ways.

The CM Security app, Sync.Me app and TrueCaller advertise themselves as the most trusted and top rated free apps offering mobile security, anti-theft of info feature along with anti-virus.

But this seems to be on paper and might not be truly practiced in reality.

More details will be updated shortly!

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display