What just leaked online by security researcher Anand Prakash, of PingSafe AI, will not put a smile on iPhone owners at all, and especially those who have relied on the Call Recorder app. According to what emerged from the computer security researcher, this app was plagued by a significant bug that involved accessing calls recorded by other external users. This would have been possible by faking the phone number of the user he was supposed to violate and using a proxy to route traffic to and from the app. In this way, Prakash was able to access the registrations associated with another account, as confirmed by TechCrunch.
For the storage of the call recording files, the app used Amazon Web Services, a space which was later closed, probably by the developer himself. In digital terms, we are talking about an archive of around 130,000 registrations, with 1 million downloads of the application from the App Store. TechCrunch has contacted the developer of the Call Recorder app, without receiving a specific response regarding the report of the dangerous security breach. A new app update was released later, for which the changelog points the fix to a security vulnerability. We do not know if this is the resolution of the problem just described.
– .