Researchers Reveal Security Vulnerabilities in Tracking Apps

At Defcon, security researchers revealed 37 new vulnerabilities in tracking apps that could have enabled attackers to steal information and track users. Millions of users around the world regularly install tracker apps on their Android devices to help them keep track of friends and loved ones. Some of those tracker apps, however, contain vulnerabilities that could potentially enable an attacker to track the users of the apps. Researchers from the Fraunhofer Institute for Secure Information Technology detailed 37 vulnerabilities found in 19 mobile tracking apps in a session at Defcon in Las Vegas on Aug. 11. The researchers responsibly disclosed the flaws to Google and noted that, as of the time of their presentation, 12 of the apps had been removed from the Google Play store, leaving seven still publicly available and vulnerable. "In this project it was very easy to find vulnerabilities," security researcher Siegfried Rasthofer said. "There were no sophisticated exploits."