Alert for Verizon’s 146 Million Users: Critical Security Flaw Detected

• EXPLORE FURTHER: Alarming T-Mobile App Glitch Exposes Children’s Locations to Strangers

A vulnerability in Verizon’s Call Filter application might have left the call records of millions of customers susceptible to hacking, according to recent findings.

The problem was identified by ethical hacker Evan Connelly, who cautioned that 'this wasn’t merely a data breach, but a real-time surveillance mechanism waiting to be abused,' in his report.

The Call Filter application, designed to help users block spam calls and recognize unidentified numbers, is preloaded on numerous Verizon devices.

This weakness permitted non-authorized users to access comprehensive information about incoming calls for any Verizon phone number via the application’s backend server.

To put it differently, a hacker could input any Verizon phone number into the system and retrieve a list of recent inbound calls along with their respective times. presents a significant threat to customers' personal information.

'This is, of course, a worry about personal privacy for everyone However, for certain individuals, this might also pose a safety issue," stated Connelly.

Connelly pointed out that even seemingly innocuous call data can transform into a potent surveillance mechanism when it ends up with malicious individuals.

'With unrestricted access to another user's call history, an attacker could reconstruct daily routines, identify frequent contacts, and infer personal relationships,' he wrote.

Verizon hasn't specified the number of customers affected by the security issue, but they have stated that it was limited to iOS devices.

However, Connelly assessed in his report that it affected nearly all, or possibly all, customers who had the Call Filter service activated.

On February 22, he informed Verizon about the problem, and subsequently received verification from them on March 25 that the issue had been addressed.

Still, leaving millions of customers' call histories vulnerable to hackers for weeks may have had serious consequences.

"He pointed out situations involving survivors of domestic violence, police officers, or public personalities — people who depend on the privacy of their communication records," he noted in his writing. report .

'Sharing their incoming call records openly isn’t merely intrusive; it’s risky.'

Connelly detailed in his report how hackers might take advantage of the security vulnerability present in the Call Filter application.

'In order to display your recent history of received calls in the Verizon Call Filter app, a network request is made to a server,' he wrote.

'That request contains various details such as your phone number and the requested time period for call records. The server then responds with a list of calls and timestamps for each.

'Wasn’t the server supposed to confirm that the phone number being asked for belonged to the user who was logged in? Right? RIGHT?? Well... not exactly.'

'One could alter the telephone number being transmitted and subsequently obtain information intended for Verizon numbers unconnected to the authenticated user.'

Verizon's website states that the Call Filter app is pre-installed on most Android devices, and Connelly believes this service 'may be on by default for many/all Verizon Wireless customers.'

In a statement to inspiriences, a Verizon spokesperson said: 'Verizon was made aware of this vulnerability and worked with the third-party app owner on a fix and patch that was pushed in mid-March.

'While there was no indication that the flaw was exploited, the issue was resolved and only impacted iOS devices.

'Verizon takes security very seriously and appreciates the responsible disclosure of the finding by the researcher.'

Read more