- Advertisment -

“5K Trainer” and various other apps for iOS steal user’s location data for monetization

Research shared with 9to5Mac this morning showed that popular iOS apps you probably have installed on your iPhone, iPad or iPod touch have special malicious entitlements that send user location for data monetization firms.

The research firm ” Sudo Security Group’s GuardianApp” led by “Will Strafach” reports that:

“Several popular iOS apps have been used covertly collect precise location histories from tens of millions of mobile devices, using packaged code provided by data monetization firms.”

- Advertisement -

The data is said to be used for location monetization, by taking the user’s current location and sending it.

Apple’s App Store Policy clearly has this as a restriction, under the Legal 5.1.1 and Legal 5.1.2 policies.

 

Legal – 5.1.1 and Legal 5.1.2

The app transmits user location data to third parties without explicit consent from the user and for unapproved purposes.

Before these apps are removed, and Apple revises their strategy, the security firm recommends following these instructions.

In order to gain initial access to precise data from the mobile device’s GPS sensors, the apps usually present a plausible justification relevant to the app in the Location Services permission dialog, often with little or no mention of the fact that location data will be shared with third-party entities for purposes unrelated to app operation.

All location data monetization firms listed on this page collect one or more of the following data points:

  • Bluetooth LE Beacon Data
  • GPS Longitude and Latitude
  • Wi-Fi SSID (Network Name) and BSSID (Network MAC Address)

In addition, some firms also collect the following types of less sensitive device information:

  • Accelerometer Information (X-axis, Y-axis, Z-axis)
  • Advertising Identifier (IDFA)
  • Battery Charge Percentage and Status (Battery or USB Charger)
  • Cellular Network MCC/MNC
  • Cellular Network Name
  • GPS Altitude and/or Speed
  • Timestamps for departure/arrival to a location

GasBuddyMyRadar NOAAPayByPhone Parking,  C25K 5K Trainer appear to be the apps in question.

Appleosophy contacted Apple for clarification on this via phone, but Apple declined to comment on the issue.

This article will be updated with any new information when it becomes available.

 

Updated: Fixed layout issues.

Popular Stories

macOS Big Sur Wallpapers

With every new software release, a new wallpaper is introduced. Apple recently announced the next major update for macOS, named Big Sur. All you need...

iOS 14 & iPadOS 14 Wallpaper

With every new software release, a new wallpaper is introduced. In iOS and iPadOS 14 a new abstract wallpaper has been introduced. All you need...

Writer of the Month

Avatar
Anton is a Graphic Designer & Writer for Appleosophy Media

Recent Stories

Save up to $30 on AirPods this week at Target

AirPods are one of Apple's most recent successful products. It is hard to find a place where people are not wearing them. This week at...

Apple deals in Best Buy’s college student deals promotion

Even though the coronavirus pandemic is still going on, students across the country are getting prepared for another school year of classes, whether they...