Fitness app Strava exposes sensitive military information again

Israeli soldiers have been monitored with location data from the well-known fitness app Strava. An unidentified party was able to track the military at secret military bases, and possibly beyond, according to The Guardian.

The soldiers came into the picture thanks to fake routes (segments) in the bases that were created by the spies in the app. Participants could compete against each other to see how fast they completed a certain course. The results are then saved and sorted.

In an example seen by The Guardian, a user could be tracked to other military bases and on a trip to another country. That user was working at a top-secret base believed to be part of Israel’s nuclear program, the paper says.

The spying was discovered by Israeli cybersecurity firm FakeReporter, which notified authorities. Strava has also been notified. The company says it has appointed a team to resolve the issue.

Digital shading was possible because segments can also be uploaded via GPS recordings. Strava doesn’t monitor those GPS uploads and can’t tell if people have actually been to the place they’re tracking.

Strava world map

It is not the first time that sensitive military information has been obtained via Strava. In 2018, the Global Heat Map was found to reveal secret locations not visible on Google Maps and other public maps.

On the Strava world map, roads and paths brighten up the more they are used by athletes using the Strava app. Where Strava is not used, it remains dark. Because of this, it was noticed that in countries such as Afghanistan and Syria, the map lit up in some places amid dark areas. The conclusion urged that there were bases there, on which soldiers exercised.

As a result, the San Francisco company decided to come up with a new version of the map, on which less-used routes are no longer shown. Strava also pointed out to users the option to no longer make their location data available for the maps.



Leave a Reply

Your email address will not be published.