So, don’t cover up your selfie cameras with stickers and don’t block your microphones or just throw out your phone just jet. But if you have a tracker application on your smartphone you should really be concerned… Because someone could be stealing your data, like for real.
Someone could be stealing your data!
Tracker apps these days are really handy for parents to locate their children etc. But scientists from the Fraunhofer Institute for Secure Information Technology, in Germany, have analyzed popular tracker applications that can be easily downloaded in Google Play store. And guess what? Not one of them is secure, all these tracking apps have major security flaws and someone could be stealing your data . If someone would want to break in to your smartphone, with these vulnerabilities it gets really easy. The attacker can easily gain access to your text messages and chats and even view your photos. And what’s even more creepy is that the attacker does not need to try to hack in to your phone individually, it can simultaneously attack millions of users in one time. This is possible of course because of the tracker apps installed in the smartphone. This all information was presented to the world just a few days ago in Las Vegas where DEF CON Hacking Conference was happening.
Unsafe Tracker apps
So, as we discussed before these apps are mostly used by parents so they can track the location of their children or could monitor which photos or texts they want to post online. If the person who is under this surveillance has agreed to it then using this app is totally legal. And who would think that if you are using this app someone could be stealing your data? The scientists have closely analyzed 19 of these tracker apps that are available on Google Play store and apparently have been installed over several million times. Scientists have analyzed the apps behavior on protecting the sensitive user data that the apps gather. And all applications showed serious weak spots and not even one app was programmed with default security features in place. Isn’t it kind of ironic for an app who is mostly used to keep your children safer? The research showed a total of 37 weak spots in the apps.
How can they be able to steal data?
Most of these applications store their sensitive data on a server in plain text without any form of encryption what so ever. The researchers say: “We only had to open up a certain website and guess or enter a user name into the URL to retrieve and individual’s movement profile.” And this is possible to do to any of the apps users. “With this, thousands of people can be tracked in real-time.” So, anyone with the basic skills of “hacking” or just anyone… someone could be stealing your data and can read your chats, text messages and even see your photos. “It enables total surveillance.”
Google Play deletes most of the tracker apps that are not secure
The numbers are shocking, the scientists say that in the backend application alone they were able to find 1.7 million valid user login credentials and they were freely accessible. The Google Play Store teal was immediately contacted by the scientists of Fraunhofer Institute for Secure Information Technology and they shared their research and concerns about these tracer app. As a result of that Google Play Store has deleted 12 of the 19 applications that have showed major security issues. Sad to think that some of these app developers didn’t react in any way to their vulnerability reports. Either they are just very lazy to try and solve these security problems or they just full on don’t care who can access your personal information.
Here is some more information about this interesting research : https://team-sik.org/trent_portfolio/in-security-of-tracking-apps/