Caller ID app exposes information of millions of users


Once again, a data leak stems from the poor security of a MongoDB implementation

The Dalil Caller ID app, developed in Saudi Arabia, has been leaking its users' information because of its implementation of MongoDB, according to specialists in network security and ethical hacking from the International Institute of Cyber Security.

More than 5 million records have been exposed online for about ten days. The database was discovered by a team of network security experts, who tried to contact the company about the incident, although this has proved complicated.

“This app is mainly used by people from Saudi Arabia, Egypt, Palestine and Israel. The reason for the exposure is that the implementation of MongoDB did not have a password”, the experts in network security mention.

The exposed database has several personal details of the users of the app, for example:

  • Email address
  • Gender
  • Users’ device model
  • Activity logs
  • Operating system version
  • IMEI Key

Malicious actors could easily trace the location of a device using the leaked information and, because the application is directly linked to the compromised database, users are advised to reduce their dependence on the app.

According to reports, the database contains around 580GB of information and receives about 210,000 new records daily. An unidentified malicious actor has even been detected already, having encrypted a portion of the information with malware. The ransom note left by the attacker was found later, although apparently the developers of the application had not even seen it.