Vulnerable Mobile Application in Google Store, Spoofs your identity & makes fake calls
By MYBRANDBOOK
Cybersecurity Researchers, GIS Consulting says, during their examination of several android mobile applications found that there are some free applications available on google play and app store which provide the facility to establish free calls over internet to users. Anyone possessing an android mobile phone can download this application for free and make free calls.
An application called "Call India - IntCall" provides the same service, and this application is available on google play as well as app store. Now, you might be thinking, what's strange in that. But this application has a very serious and dangerous flaw in it.
Application Does Not Require Any User Authentication Permission
As per Mr. Naveen Dham CEO & Founder of GIS Consulting, any person can simply download this application from google play store or app store, after getting downloaded, the application asks for registration, in which we can simply register by entering anyone’s phone number whom you want to spoof.
This is where the biggest flaw exists. As this application does not require any user permission from the owner of the phone number, a person can enter any 10-digit mobile number of anyone and get registered successfully without entering any OTP or any verification code.
.
The application can be used to make fraud calls to anyone using someone else’s caller identity number, as one can use any valid or invalid number to call someone without getting caught.With this the criminals can spoof your phone number to call your family members, friends, colleagues, employees, employers or bankers etc. to extort money or get critical information pertaining to you.
These type of applications should have been thoroughly checked by Google before putting them on play store which raises a big question on Google’s procedures followed to allow any new application to get uploaded on play store.
The strange thing is that the application is still not reported by anyone and freely available on internet.The application developers should implement OTP based authentication or any other type of user verification which verifies that the user is genuine.
This application can be used by not only hackers but also by fraudsters, extortionists and terrorists etc. for their benefit and can harm the society.
Immediate actions should be taken to remove this app from Google Store and remediation actions to be taken to restrict these kind of applications to be uploaded on play store.
BHIM to join e-commerce, competing with PhonePe and Google Pay
The government-supported payment software BHIM is getting ready to join t...
The latest version of X helps prevent deepfakes on social medi
To combat deepfakes and shallowfakes, Elon Musk revealed a new update t...
India and Namibia collaborate on a payment system similar to U
Once operational, the platform will enable digital transactions in Namibia,...
Sebi issues show-cause notices to six Adani group firms
Sebi issued show-cause notices to six Adani Group firms, including Adani ...
AGGRESSIVE ELECTRONICS MANUFACTURING SERVICES PVT. LTD.
LUMINOUS POWER TECHNOLOGIES PVT. LTD.
TP-LINK INDIA PVT LTD.
GLOBUS INFOCOM LTD.
Technology Icons Of India 2023: Byju Raveendran
Byju Raveendran is the founder of edutech start-up Byju’s. Raveendra...
Technology Icons Of India 2023: Sandip Patel
Sandip Patel is the Managing Director, IBM India/South Asia. He is res...
Technology Icons Of India 2023: Som Satsangi
With more than three decades in the IT Sector, Som is responsible for ...
Aadhaar: Architecting the World's Largest Biometric Identity System
The Unique Identification Authority of India (UIDAI) is a statutory au...
Leading company into fertilizers in the country
NFL is a dynamic organization committed to serve the farming community...
BEL leveraging next generation technologies to keep the country ahead in Defence space
Bharat Electronics Limited (BEL) is a Navratna PSU under the Ministry ...
EXCLUSIVE NETWORKS SALES INDIA PVT. LTD.
Exclusive Networks is a globally trusted cybersecurity specialist hel...
REDINGTON INDIA LIMITED
Redington (India) Limited operates in the IT product distribution busi...
NETPOLEON SOLUTIONS
Netpoleon Group is a Value-Added Distributor (VAD) of Network Security...