Skip to main content

Vulnerability in Signal messaging app could let hackers track your location

posted onMay 21, 2020
by l33tdawg
Digital Trends
Credit: Digital Trends

A vulnerability in the secure messaging app Signal could let a bad actor track a user’s location, according to findings from cybersecurity firm Tenable.

Researcher David Wells found that he could track a user’s movements just by calling their Signal number — whether or not the user had his contact information. This could be a big problem for victims of stalking, or for activists and journalists who are trying to avoid government or law enforcement detection to leak information or act in a whistleblower capacity.

There are two aspects to the vulnerability, Wells said. One is that if two Signal users have each other as contacts, it’s possible for them to determine each other’s location and IP address by calling, even if the person being called doesn’t answer the phone. “That feature is not well advertised, and it’s interesting that someone could disclose your location if they’re your contact,” Wells said. “That’s kind of odd.” It turns out that even if you don’t have a person in your contacts list, they can still roughly determine your rough location just by calling you on Signal. This works even if you don’t pick up or see the call.

Source

Tags

Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th