A security recently discovered a critical vulnerability in the Truecaller app that is used daily by 150 million Android and iOS users in order to prevent them from receiving SPAM and other unwanted calls. The flaw made it possible for threat actors to “inject [a] malicious link as the profile URL.” Any user who visited a profile containing such a link could be targeted with a serious attack.

The researcher showed that the flaw made it possible, for instance, to obtain IP address and system information of users without their knowledge. The issue has now been fixed by the company behind the app.

Read more: Critical Flaw In Android, iOS Phone App: 150 Million Users Put At Risk