Dalil is the biggest phone directory in Saudi Arabia.
With more than 5 million downloads, Dalil is the 13th most popular communications app in the Kingdom. For context, this is where Viber and Telegram rank in the US. 96% of its users are in Saudi Arabia; the remainder are in Egypt and other Arab countries.
The app works like Truecaller, helping users identify unknown numbers. In theory, this offers protection against cold callers and other unwanted contact.
However, reality tells a different story. Led by Noam R., a well-known white hat hacker and activist, VPNMentor’s research team discovered a major security breach in Dalil’s database. Instead of protecting users, this breach means complete sets of data for 5 million+ users are open and accessible to the entire internet.
Read more on VPNMentor. It turns out a large part of the problem is that their researchers discovered an unsecured MongoDB. Well, we’ve certainly seen that before. According to their post, they sent notification to Dalil, but it’s not clear whether the database was still unsecured at the time of publication, although it sounds like it was still exposed. In light of the types of information collected by the app and the potential censorship and surveillance risks in Saudi society, this breach should have Dalil users concerned.
Update: Subsequent to the post above, The Daily Swig has reported:
“After we reported the issue to Dalil (and before the report went live on our site), we noticed a ransomware encrypted some data on the server, but new data kept being logged unencrypted,” Ariel Hochstadt, vpnMentor co-founder, told The Daily Swig.