Thanks to yet another unsecure MongoDB Server.
Dalil is a Saudi caller ID app that is reportedly been leaking user data because of storing it on an unsecure MongoDB server. Within a week private data of over 5 million Dalil users has been leaked and the data is available online easily for everyone to access. The database was discovered by researchers Ran Locar and Noam Rotem. The researchers tried to inform the app developers but so far they haven’t received any favorable response in this regard.
The app offers caller ID services quite like the app Truecaller does however, it offers its services to users in Saudi Arabia. Naturally, most of the affected users are based in Saudi Arabia but other Arabian customers such as the Emirati, Egyptian, Palestinian, and Israeli numbers are also present in the said database. The reason for the exposure of such massive amount of data is that the MongoDB server wasn’t password protected.
Researchers claim that the database contains sensitive personal details like the full name of the customer along with his/her email ID, cell number, gender, activity logs, and Viber account. Moreover, it also contains exclusive details about the device(s) including the make/model, OS version, telecom operator information, SIM number, device IMEI, GPS coordinates, MAC address and other device-specific information such ads number searches.
Using this information, anyone can track the user accounts because the GPS coordinates can expose the physical location of the phone owners in real time. Therefore, users are urged to stop using Dalil and immediately uninstall it because the database is still linked to the app’s main operation server and is being updated with active users almost on a daily basis.
Ran Locar told ZDNet that at the moment, the database holds more than 585 GB of data. According to Locar, in February the app received 208,000 new user registrations and at some point, some of the data got encrypted by an unidentified threat actor. However, this development went unnoticed by Dalil developers and they also didn’t pay attention to the ransom note left behind by the threat actor.