Take the pledge to vote

For a better tommorow#AajSawaroApnaKal
  • I agree to receive emails from News18

  • I promise to vote in this year's elections no matter what the odds are.
  • Please check above checkbox.

    SUBMIT

Thank you for
taking the pledge

Vote responsibly as each vote counts
and makes a diffrence

Disclaimer:

Issued in public interest by HDFC Life. HDFC Life Insurance Company Limited (Formerly HDFC Standard Life Insurance Company Limited) (“HDFC Life”). CIN: L65110MH2000PLC128245, IRDAI Reg. No. 101 . The name/letters "HDFC" in the name/logo of the company belongs to Housing Development Finance Corporation Limited ("HDFC Limited") and is used by HDFC Life under an agreement entered into with HDFC Limited. ARN EU/04/19/13618
CO-PRESENTED BY
Tech
272
nda:
Needmore seats to Win
Needmore seats to Win
upa:
»
3-min read

This Android Calling App Presents a Huge Threat, But is Still Guarded by a High Rating

TeleStar's 'Call India - IntCall' app can remotely authorise any random number on your phone, make remote phone calls using your number, and even include voice morphing, hence being a massive threat to security.

Shouvik Das | News18.com

Updated:May 14, 2019, 2:46 PM IST
facebookTwittergoogleskypewhatsapp
This Android Calling App Presents a Huge Threat, But is Still Guarded by a High Rating
TeleStar's 'Call India - IntCall' app can remotely authorise any random number on your phone, make remote phone calls using your number, and even include voice morphing, hence being a massive threat to security.
Loading...
Among all the potential features and services that can be hacked, a phone's calling restrictions is possibly the most valuable. That is exactly what is being made possible by an app called 'Call India - IntCall' on the Google Play Store, as discovered by GIS Consulting. The vulnerability disclosed in the report states that the app does not require user permissions to register itself on a phone, and can spoof phone calls for use cases such as criminal activities and extortion.

According to an IANS report, the 'Call India - IntCall' app can register itself once installed on a smartphone, by remotely authorising a random phone number stored in its database, and verifying an OTP that does not require any authentic user verification process. However, what makes it very intriguing is that, despite its disturbing and seemingly shady bearings, no general user would suspect that the app may have a potentially severe security threat embedded within itself.

For one, a look at its listing on the Google Play Store reveals that the app was last updated on December 22, 2014. This is the first reason for not trusting an app, especially if it has received no updates in over four years. The app is very evidently active in operation, though — the reviews section reflects both spam and genuine reviews from multiple users. Given the severe implications, it is a bit surprising that most of the complaints against the app are that it offers only one minute of free international calling. This confirms that an overwhelming majority of users of the 'Call India - IntCall' app, developed by TeleStar, are unaware of the security threats that it poses.

The app's publisher, TeleStar, is a company that runs multiple VoIP (voice over internet protocol) apps and services across the world. On its homepage, among its advertised features, are three rather concerning elements — voice recording, voice changing and "setting background sound to the conversation." This happens to be a big factor that threatens user privacy, for if taken over remotely, a user with malicious intent can morph voice and add fake background ambiance to a call, to carry out tasks of extortion and other threats.


Call India comments

While News18 could not independently verify the claims made by GIS Consulting, there appears to be significant credibility to them, if the pattern of publicly accessible user reviews on the Play Store are anything to go by. Multiple users, although fewer in proportion of 5-star reviews with spam text, have complained that their own phone numbers have been taken over. On April 21, Pankaj Hurmade wrote on the Play Store, "This app not secure, any user's mobile number from calling. [sic]" A similar but more concerning review, left by Simran Kaur and unanswered by the developers, states, "Someone is using my phone number as his ID. I can't use my account, (please) do something."

And yet, despite the open advertisement of voice morphing and background changing on the official website, as well as multiple public reviews pointing at threats that can potentially lead to criminal involvement, 'Call India - IntCall' presently has over 1 million downloads and a rating of over 4.2 on the Google Play Store. While Google has been updating its Play Store policies and banning multiple apps that are suspicious or spread malware, it is still not a fail-proof platform, and security threats exist in this arena despite the rating standards that many users trust before downloading an app.

News18 has reached out to TeleStar for its comments on the matter, but the company has not responded at the time of publishing, with an email questionnaire as well as other requests for comments remaining unanswered. Attempts to contact GIS Consulting has also remained unsuccessful at the time of publishing.
(Get detailed and live results of each and every seat in the Lok Sabha elections and state Assembly elections in Andhra Pradesh, Odisha, Arunachal Pradesh and Sikkim to know which candidate/party is leading or trailing and to know who has won and who has lost and by what margin. Our one-of-its-kind Election Analytics Centre lets you don a psephologist’s hat and turn into an election expert. Know interesting facts and trivia about the elections and see our informative graphics. Elections = News18)
| Edited by: ---
Read full article
Loading...
Next Story
Next Story

Also Watch

facebookTwittergoogleskypewhatsapp
 
 

Live TV

Loading...
Countdown To Elections Results
  • 01 d
  • 12 h
  • 38 m
  • 09 s
To Assembly Elections 2018 Results