Security Vulnerability in 'Call Recorder' App Exposed User Conversations

by

A security flaw in an app called "Call Recorder" exposed thousands of customer conversations, reports TechCrunch. The vulnerability was found by PingSafe AI researcher Anand Prakesh, and has since been patched.

call recorder app
The Call Recorder app is designed to allow iPhone users to record their incoming and outgoing phone calls, with those recordings stored in the cloud on Amazon Web Services.

Using a proxy tool like Burp Suite, Prakash was able to view and modify network traffic going in and out of the app, and when replacing his phone number with the phone number of another Call Recorder user, their recordings became available on his phone.

There were more than 130,000 audio recordings available, though the files could not be accessed or downloaded outside of the app. TechCrunch informed the developer about the security flaw and it was fixed in an update on Saturday.

A recent report from mobile security firm Zimperium suggested that thousands of iOS apps that use public cloud services like Amazon Web Services, Google Cloud, and Microsoft Azure have improper setups that risk exposing user data.

6,608 iOS apps were found to be exposing users' personal information, passwords, and medical information. Zimperium CEO Shridhar Mittal said that cloud storage misconfigurations are a "disturbing trend."

"A lot of these apps have cloud storage that was not configured properly by the developer or whoever set things up and, because of that, data is visible to just about anyone. And most of us have some of these apps right now," he said.

No apps were named in the report because of the vulnerabilities involved, but some were major apps including a mobile wallet from a Fortune 500 company and a transportation app from a large city.

Tags: App Store, AWS

Popular Stories

apple store down feature

Here's Why the Apple Store is Going Down

Thursday November 27, 2025 1:01 pm PST by
Apple's online store is going down for a few hours on a rolling country-by-country basis right now, but do not get your hopes up for new products. Apple takes its online store down for a few hours ahead of Black Friday every year to tease/prepare for its annual gift card offer with the purchase of select products. The store already went down and came back online in Australia and New Zealand, ...
Read Full Article18 comments
iPhone Pocket Short

iPhone Pocket is Now Completely Sold Out Worldwide

Tuesday November 25, 2025 7:16 am PST by
Apple recently teamed up with Japanese fashion brand ISSEY MIYAKE to create the iPhone Pocket, a limited-edition knitted accessory designed to carry an iPhone. However, it is now completely sold out in all countries where it was released. iPhone Pocket became available to order on Apple's online store starting Friday, November 14, in the United States, France, China, Italy, Japan, Singapore, ...
Read Full Article136 comments
New Intel Logo

Apple and Intel Rumored to Partner on Mac Chips Again in a New Way

Friday November 28, 2025 7:33 am PST by
While all Macs are now powered by Apple's custom-designed chips, a new rumor claims that Apple may rekindle its partnership with Intel, albeit in a new and limited way. Apple supply chain analyst Ming-Chi Kuo today said Intel is expected to begin shipping Apple's lowest-end M-series chip as early as mid-2027. Kuo said Apple plans to utilize Intel's 18A process, which is the "earliest...
Read Full Article95 comments
streaming black friday 2025

Best Black Friday Streaming Deals - Save Big on Apple TV, Disney+, Hulu, and More

Thursday November 27, 2025 1:14 pm PST by
We've been focusing on deals on physical products over the past few weeks, but Black Friday is also a great time of year to purchase a streaming membership. Some of the biggest services have great discounts for new and select returning members this week, including Apple TV, Disney+, Hulu, Paramount+, Peacock, and more. Note: MacRumors is an affiliate partner with some of these vendors. When...
Read Full Article22 comments
iphone air camera

iPhone Air Flop Sparks Industry Retreat From Ultra-Thin Phones

Thursday November 27, 2025 3:14 am PST by
Apple's disappointing iPhone Air sales are causing major Chinese mobile vendors to scrap or freeze their own ultra-thin phone projects, according to reports coming out of Asia. Since the ‌iPhone Air‌ launched in September, there have been reports of poor sales and manufacturing cuts, while Apple's supply chain has scaled back shipments and production. Apple supplier Foxconn has...
Read Full Article237 comments
iphone black friday gold

The Best Black Friday iPhone Deals Still Available

Friday November 28, 2025 6:24 am PST by
Cellular carriers have always offered big savings on the newest iPhone models during the holidays, and Black Friday 2025 sales have kicked off at AT&T, Verizon, T-Mobile, and more. Right now we're tracking notable offers on the iPhone 17, iPhone 17 Pro, iPhone 17 Pro Max, and iPhone Air. For even more savings, keep an eye on older models during the holiday shopping season. Note: MacRumors is...
Read Full Article3 comments
Apple Foldable Thumb

Foldable iPhone to Debut These Three Breakthrough Features

Tuesday November 25, 2025 7:09 am PST by
Apple's first foldable iPhone is expected to launch alongside the iPhone 18 Pro models in fall 2026, and it's shaping up to include three standout features that could set it apart from the competition. The book-style foldable will reportedly feature an industry-first 24-megapixel under-display camera built into the inner display, according to a recent JP Morgan equity research report. That...
Read Full Article130 comments

Top Rated Comments

Rigby Avatar
Rigby
62 months ago

Anything goes in the walled garden as long as Apple gets its pound of flesh.

Remember when they said it was going to be curated?
If you expected Apple to be able to somehow detect every bug or vulnerability in every 3rd party app, you have completely unrealistic expectations.


You're safer using the open Web, thanks to the protections of Google.
Thanks for the laugh.
Score: 9 Votes (Like | Disagree)
MichaelMaier Avatar
MichaelMaier
62 months ago

I always wonder why people need to record a phone call, since without consent it can’t be used as evidence in a trial and might ilegal in US…… until someone from Instacart’s customer support told me to “get over it” and accept that they spy their customers but is not different from anyone else. I was like….but I’m paying for your to spy on me? And they said yes! …. I wish I have a way to record those calls.
Correct me if I’m wrong, but in most US states you only need the consent from one participant of a recorded conversation.
Score: 5 Votes (Like | Disagree)
69Mustang Avatar
69Mustang
62 months ago

I always wonder why people need to record a phone call, since without consent it can’t be used as evidence in a trial and might ilegal in US…… until someone from Instacart’s customer support told me to “get over it” and accept that they spy their customers but is not different from anyone else. I was like….but I’m paying for your to spy on me? And they said yes! …. I wish I have a way to record those calls.
The laws in the US vary by state and jurisdiction. Some have 2 party consent, others only require 1 party. You are right that with consent, the recording can be used as evidence in court. I live in a 1 party consent state. Fyi, 37 other states and the District of Columbia are also 1 party consent.

With that knowledge in hand, it's not really that hard to fathom why people record calls.
Score: 4 Votes (Like | Disagree)
deevey Avatar
deevey
62 months ago

I always wonder why people need to record a phone call, since without consent it can’t be used as evidence in a trial and might ilegal in US…… until someone from Instacart’s customer support told me to “get over it” and accept that they spy their customers but is not different from anyone else. I was like….but I’m paying for your to spy on me? And they said yes! …. I wish I have a way to record those calls.
Try calling any customer service dept multiple times. Half the time they deny having a log of the previous complaints or fail to relay the call correctly.

Being able to play the call back to their supervisor - priceless !
Score: 4 Votes (Like | Disagree)
Apple_Robert Avatar
Apple_Robert
62 months ago

Anything goes in the walled garden as long as Apple gets its pound of flesh.

Remember when they said it was going to be curated?

You're safer using the open Web, thanks to the protections of Google.

If you use Safari Fraudulent Website Warning (which you probably do by default), that's a Google feature (Apple sends the URLs to Google's servers to check them).

None of this makes Apple look good in its antitrust hearings where they say consumers trust them to have a safe app store and thus can't allow third party app stores or payment services.
How is the subject of the article Apple's fault?
Score: 3 Votes (Like | Disagree)
dk001 Avatar
dk001
62 months ago

I always wonder why people need to record a phone call, since without consent it can’t be used as evidence in a trial and might ilegal in US…… until someone from Instacart’s customer support told me to “get over it” and accept that they spy their customers but is not different from anyone else. I was like….but I’m paying for your to spy on me? And they said yes! …. I wish I have a way to record those calls.
Sadly not true.
Recently wrapped up a legal issue where party A in a State without dual consent could record and use everything while the other side living in a dual party consent State could not.

Then again it can be fun to put "your call may be recorded for quality purposes..." on your line. :eek: The telemarketers hang up fast.
Score: 2 Votes (Like | Disagree)
Read All Comments