Your location might be tracked from ANY Android cellphone … for those who make this easy mistake

Your movements could be tracked in the Google Maps app on someone else’s phone … if you made that simple mistake, a security expert has warned. The researcher Pieter Arntz, who works for the renowned security company Malwarebytes, has described in detail how he accidentally tracked his wife’s whereabouts without installing spyware or cracking one of her passwords.

It turns out that the Google Play Store can be the perfect way to keep track of someone’s location – with up-to-date location data shown on Google Maps.

Malwarebytes security expert Arntz wrote an extensive blog post about his discovery. In short, Arntz wanted to install a paid Android app on his wife’s cell phone. Since he had already bought the software once for his own device and saw no reason to buy it again, Arntz logged into the Google Play Store app on his wife’s smartphone, navigated to a list of his previously purchased apps, and the Software downloaded.

“Everything went well, but after I installed the app and tested it to see if it worked, I forgot to log out of Google Play,” he explains on the blog.

Back on his own cell phone, Arntz noticed that his location history in Google Maps showed fraudulent locations. For those who don’t know, Google Maps will keep an eye on your location when you use the app. It analyzes this data to come up with better suggestions – for example, to show restaurants that are near your location rather than in a different city or country.

“I noticed strange things but couldn’t quite tell what was going on. It showed me places that I was nearby but never really visited, ”he said. It turned out that the Google Maps app on Arntz’s phone was actually listing places his wife had visited – with her phone, with his Google account logged into the Play Store app – in her pocket.

His wife would only have known that something was wrong (and that someone could have access to their location data) from the small profile picture in the corner of the Google Play Store app. Oddly enough, after Arntz found out what had happened and signed out of his wife’s Google Play Store app, he discovered that he could still keep an eye on her movements in his Google Maps app.

He explains, “After I signed out of Google Play on my wife’s phone, the problem was still not resolved. After doing some research, I learned that my Google Account was added to my wife’s accounts when I logged in to the Play Store, but was not removed when I logged out after noticing the tracking issue. “

Malwarebytes, a well-known cybersecurity company based in California, is a founding member of the Coalition Against Stalkerware, which aims to protect people from spying. Spyware and so-called stalkerware applications are a growing problem.

The quirk of the Google Play Store certainly doesn’t count as spyware … yet it could be used by nefarious individuals to get the same results.

Eva Galperin of the Electronic Frontier Foundation said the bug demonstrates the need to consider situations of domestic violence when testing features. She said, “One of the most dangerous times in a domestic violence situation is the time when the survivor tries to separate their digital life from their perpetrators. This is a time when survivors’ data is particularly susceptible to these types of misconfiguration problems and the possible consequences are very serious. “

Malwarebytes submitted a problem report to Google to highlight the problem. If you’ve previously used your login on friends and family devices so as not to pay more than once for apps, movies, eBooks, or songs, it may be worth checking which accounts are logged into your phone.

To do that, go to Settings> Accounts and backups> Manage accounts. This will bring up a list of all accounts with permissions on your device. You can remove anything you don’t know as they will have access to the GPS data collected by your smartphone.

Leave A Reply

Your email address will not be published.