A hacker from Pakistan yesterday unveiled a critical vulnerability in Telenor Pakistan’s website that could be exploited to find out handset related information of Telenor’s entire customer base.
Instead of mis-using this vulnerability in Telenor’s system, the hacker decided to report the bug to Telenor Pakistan — through ProPakistani — which was eventually fixed by Telenor later in the evening.
Through this specific security flaw anyone, with little computing knowledge, could find out the handset model of Telenor number holders. Additionally, the IMEI number, IMSI, ICCID numbers could also be displayed to anyone. With this bug, anyone could blacklist a Telenor number.
By simply entering the Telenor number of a customer into the system, anyone could find out the history of mobile phone models that the customer had used during his relationship with Telenor Pakistan.
[two_third]
Hacker, who wants to remain anonymous, told ProPakistani that he had found this vulnerability while browsing the website, exposing that anyone could have found the bug and had mis-used this serious bug to find out information of Telenor customers.
Responding to ProPakistani’s query on the matter, Ms. Atifa Asghar, Director Corporate Communications & Responsibility, Telenor Pakistan said that her company places a strong emphasis on confidentiality, privacy and security of data.
[/two_third]
[one_third_last]
“Yesterday, we became aware that through a particular mechanism it had become possible to extract handset related information like IMEI”.
Atifa Asghar, Director Communications, Telenor Pakistan.
[/one_third_last]
“Yesterday, we became aware that through a particular mechanism it had become possible to extract handset related information like IMEI. We immediately investigated the matter and took timely remedial measures to plug this breach”, said Atifa Asghar.
Recent hacking of Telenor’s website and emergence of above-mentioned security flaw pose serious threats to customers’ private and confidential data that can go into wrong hands due to (apparently) thin security of cellular companies’ websites.
Atifa, however, reassured that safeguarding customers’ personal information and data is an integral component of Telenor values and philosophy.
Damn :/ aB nI bAtaEgA kOi TumE kuCh :/ jO bAtAo bANd kArwAdeTy Ho :/ :/
yar ya to hur banda use kar raha hai itsss toooo old is ka to tool b bana hua a aur ya to buhat arsa sa use ho raha a is sa pehla telenr weblounge per sai wajae thi us per sa to sim b block ho jati thi hahahaha hahahahha aur hur 1 hi info b a jati thi……… us per sa b kafi 2 numbari ki hai kafi logo na
ya link tha ya wala jaha sa sb kch ho raha tha
http://dms.telenor.com.pk//portal/auth/portal/CcaPortaltp/default
thanks dextor for the info
ARey KashiF BhAi yAR iN SaHAb kO BohAt KeeReY UtH rAe thEy :/ InhO nE jA K Tele WALo ko boL diA :/ :/
hahahahaha bolna da yar…………..
hahahahahha kch ni hota a
bt nw itz nt wrking
Yeah they fixed that :)
yeh woh link hai jis se hackers ke programs data retrieve kartay thay lekin real main online link doosra tha :)
your news is old ya to i thnk 6 month pehla mai na link dekhaaa tha……… :)
i am a telenor user and i dont know what the hell they are doing its been so many months that they havent fixed web self service it was very useful for me and for other many customers…
and i also saw there were same fake websites for this web self service but they are in deep sleep i guess … Lakh wali _______ :@ :@
yeah, the web self service is not fixed yet, and its been months and months -_-
as a telenor customer i am worried now
so am i
As a Pakistani you all should not worry! Because we are here for your security brother!
hahahahaha :P
abi to ya kch b nahi a dear :)
l0l :P :P :P JuSt TeleNoR mE nI hAN BuGSS :P :P NET se RelAted Jo KuCh b hA uNmE kAhi nA kAHi kOi nA kOi bug hA :D :D
“WrItINg LikE ThIS” doesnt make you cool bro :P get a life !!!
l0l :P BTW Admin oF PRo PK : jiSSe ApnE yE sAb DetAilSs li ThIn : wO Anonymous Hacker : APnE uSSe yE DetAilSs ki kEh k liN Thin ? yE k mE TelenoR waLo kO bAtAoNgA ? And NafeeS eSi WriTinG Se coOl Ni hoTe :D WeSe Hi thAnd hA :P
thanda hoja yar kuch ni hota :)
yeah :P I have many things more :D Sql vulnerabilities and different informative vulnerable servers :D
As a Pakistani you all should not worry! Because we are here for your security sister!
Aliya Dont worry about the integrity of your security!, they wont be able to see your calls and sms logs :D
wo us weblounge sa b logo na bari wajaeeee thi telenr ki hahahaha hahahaha hur ek ka daata lauch ho raha tha us ki kafi complain ka baaad band kar d gae hahahaha hahahah
abi to ya telenr hai abi to ashi ashi chezaaa ae hue hai na ka bs na e pochooo yar……… buhattttt 2 numbari hai net per…….. Allah bus hur insan ko naek amal karna ki tohfeek da aur in kamo sa doooor rakhaaa…………. :'(
You’d expect better from the makers of Opera browser. :/
Aamir I had very bad experience from Telenor services last
week. I want to write blog about their services.
Sure, you can get to me here: https://propakistani.pk/contact-us/
AamiR TelL mE : yE DetAil JiSne ApkO Di uSne iS lie Di ThI k Ap TelenOr waLo ko DeDo ? Just wANnA ConFiRm SoMeThiNg
it was too old, visitors could check emei of user, cellphone model, last downloading status of gprs/mms settings, could send gprs settings, etc.
Isnt Telenor all Chinese all the time? https://propakistani.pk/2011/12/17/zte-wins-telenor-countrywide-network-swap-contract/
hahaha…how can a website leads to customer’s data hahaha….I am telenor customer since last 3 years and will still remain
What I didn’t hear you.. Telenor fixed it.. !!! buhahahahah :D