Security Affairs
JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

A growing number of iOS apps collect and sell location data

A growing number of iOS apps currently collect location data, WiFi network IDs and other data, from iPhone users and sell them to monetization firms. A group of security researchers that developed the popular Guardian mobile firewall app revealed that a growing number of iOS apps currently collect location data, WiFi network IDs and other data, from […]

Magellan flaw

A growing number of iOS apps currently collect location data, WiFi network IDs and other data, from iPhone users and sell them to monetization firms.

A group of security researchers that developed the popular Guardian mobile firewall app revealed that a growing number of iOS apps currently collect location data, WiFi network IDs and other data, from iPhone users and sell them to advertising companies.

Let me immediately highlight that these iOS apps collect data by asking users for permission to do it, but lack to inform users that gathered information are shared with third-party advertising and marketing companies.

The experts have observed that all these apps have embedded tracking codes provided by advertising and marketing firms.

“The GuardianApp team has discovered that a growing number of iOS apps have been used to covertly collect precise location histories from tens of millions of mobile devices, using packaged code provided by data monetization firms. In many cases, the packaged tracking code may run at all times, constantly sending user GPS coordinates and other information.” states the Guardian app research team.

“In order to gain initial access to precise data from the mobile device’s GPS sensors, the apps usually present a plausible justification relevant to the app in the Location Services permission dialog, often with little or no mention of the fact that location data will be shared with third-party entities for purposes unrelated to app operation.”
ios apps

Most of the apps asked for permission to access GPS coordinates, Bluetooth LE beacon data, and Wi-Fi SSID (Network Name) and BSSID (Network MAC Address).

Some apps also collect other types of device information, including accelerometer Information (X-axis, Y-axis, Z-axis), advertising Identifier (IDFA), battery Charge Percentage and Status (Battery or USB Charger), cellular Network MCC/MNC, cellular Network Name, GPS Altitude and/or Speed, timestamps for departure/arrival to a location.

The report published by the Guardian app team includes the names of 12 monetization firms that received data along with the names of 24 apps that use the tracking code provided by location data monetization firms.

The report also includes the names of 100 news apps containing monetization code provided by data monetization firm RevealMobile.

“In August 2017, RevealMobile was also found to be packaged in the AccuWeather app for a brief period of time and was criticized by users for collecting Wi-Fi SSID and BSSID from user’s even if Location Services access was denied (More:https://www.zdnet.com/article/accuweather-caught-sending-geo-location-data-even-when-denied-access/ ).” continues the report.

Experts also shared these potential mitigations:

  • Go to Settings > Privacy > Advertising and turn on Limit Ad Tracking in order to make uniquely identification of your iOS device more difficult for location trackers.
  • Press “Don’t Allow” if a Location Services permission dialog contains “See privacy policy” or similar text.
  • Use a very generic name for the SSID of your home Wi-Fi router (eg. “home-wifi-1”).
  • Turn off Bluetooth functionality when it is not in use.
[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – iOS apps, privacy)

[adrotate banner=”5″]

[adrotate banner=”13″]