A security vulnerability in the fitness app Strava allowed suspicious figures to identify and track security personnel working at secretive bases in I

Strava app flaw revealed runs of Israeli officials at secret bases

submited by
Style Pass
2022-06-21 15:30:07

A security vulnerability in the fitness app Strava allowed suspicious figures to identify and track security personnel working at secretive bases in Israel, a disinformation watchdog says.

FakeReporter found that by uploading fake running "segments" a user could learn the identities and past routes of others active in the area, even if they had the strongest privacy settings.

In 2018, the company published a "heatmap" that also revealed the exercise routes of people at military bases around the world, including US facilities in Syria.

Its app takes data, including GPS co-ordinates, from a person's mobile phone or wearable fitness device to track their exercise activity.

People are able to upload their running and cycling times and compare their performances with others who followed the same routes.

FakeReporter, an Israeli group that combats malicious online activity, reported that a suspicious user named "Ez Shehl" had exploited these functions to upload fake GPS data to create route segments inside secret facilities associated with Israel's military, the Mossad intelligence agency and the Shin Bet internal security service.

Leave a Comment