In recent weeks, Sarahah, created by Saudi Arabian developer Zeyn al-Abidin Tawfiq, has topped the App Store and Google Play charts, gaining millions of users. The word "sarahah" translates from Arabic as "sincerity". The application lets users receive anonymous feedback; the recipient cannot reply to such messages and can only set up filters, for example to screen out the most obvious insults.
Independent information security specialist Zachary Julian warns that the anonymous messenger is not so anonymous. The researcher told The Intercept that the Android and iOS versions of the application send the user's contact list (phone numbers and email addresses from the address book) to a remote server as soon as the user installs Sarahah.
Applications often request permission to access and work with the contact list, but that does not normally mean that all of the user's contacts immediately "leak" in an unknown direction. Moreover, Sarahah currently has no contact-related functions at all. In effect, the application simply steals data from users, uploading it to a remote server.
Sarahah developer Zeyn al-Abidin Tawfiq explains that features that rely on the contact list will definitely appear in the application a little later (most likely some form of friends list), and that this is supposedly the reason for the leakage of user data. The author of the application gave assurances that the collection of information will cease as soon as the next version of Sarahah is released, and also stated that the company does not store the contact lists received from users, which, alas, cannot be verified at all.