New research by Sudo Security Group’s GuardianApp sheds light on some popular yet malicious apps on the Apple App store. The security report states that over two dozen iOS apps are secretly collecting user location and other data, and sending it to data monetization firms.
According to Will Strafach, the person leading GuardianApp, several popular applications on the App Store “have been used to covertly collect precise location histories from tens of millions of mobile devices, using packaged code provided by data monetization firms.”
The report also highlights that in some cases, these “codes” are also programmed to send constantly-updated GPS coordinates to these data monetization firms, which makes a profit selling the collected user data. It is indeed a mystery how these apps are still running on the App Store despite Apple’s renowned privacy policies geared towards protecting customer data.
Now, iOS users do have the discreet ability to deny certain permissions to some apps. However what is most troubling is that these data mongers are weather apps and fitness trackers. Therefore it feels natural for the users to grant them location access. But in doing so, their precious user data is being siphoned by malicious corporations.
Some of the notable applications which are infested with the tracking code including popular titles like GasBuddy, C25K 5K Trainer, MyRadar NOAA, and PayByPhone Parking. All of these apps are performing well on the App Store and has over thousands of customers.
The research also highlights 12 data monetization firms which are involved in this operation. One of them happens to be RevealMobile - a company which has a record of being accused of over-collecting location data using weather apps.
Now, it makes the most sense to avoid using these apps altogether. However, the GuardianApp report has also stated plenty of steps which you can take to decrease the level of data exposure that you are facing.
What do you think about these apps stealing user location? Let us know in the comments below. Also, to get instant tech updates, follow TechNadu’s Facebook page, and Twitter handle.