Sarahah the honest feedback app is going viral from last week, the app is designed to collect feedback from your friends, employees, and others. But the app is not doing that, according to the report, Zachary Julian, a senior security analyst at Bishop Fox claims that the app is collecting the information of the users.
Sarahah has 18+ million users and is popular on the App Store. With the popularity and the widely downloaded apps, Sarahah has now become the third in a position that is stealing the information of the users. Julian the researcher notify that when he was using the app from its Samsung Galaxy S5 running Android 5.1.1 Lollipop the app uploads his private data to a remote server. He says, once you launched the app from your smartphone, it will steal and upload your all contact list, numbers and email information. He says as:
“As soon as you log into the application, it transmits all of your email and phone contacts stored on the Android operating system.”
Researcher says that in any interception, the app will once again start to upload the data from start. The app is working the same for the android and as well as for the iOS devices. But, it will appear with an “access contacts” for the latest Android and iOS versions. On the justification of the app, the creator Zain Al-Abidin Tawfiq says:
“Contact lists are being uploaded for a planned ‘find your friends’ feature, which has been “delayed due to a technical issue. The database doesn’t “host contacts” at the moment. Even if that’s the case, Sarahah users might not be happy with this feature considering it could take the entire fun of anonymity out of the way with users being able to guess based on who uses the app in their contact list.”