Four popular mobile applications offering dating and meetup services have security flaws which allow for the precise tracking of users, researchers claim.
This week, Pen Test Partners said that Grindr, Romeo, and Recon have all been leaking the precise location of users and it has been possible to develop a tool able to collate the exposed GPS coordinates.
The research builds upon a report released last week by Pen Test Partners that related to the safety of relationship application 3Fun.
3Fun, a mobile application for arranging threesomes and dates, had some of the “worst security for any dating app we’ve ever seen,” according to the team.
It was found that 3Fun was not only leaking the locations of users but also information including their dates of birth, sexual preferences, pictures, and chat data.
Bringing together 3Fun, Grindr, Romeo, and Recon, the team were able to create maps of user locations across the world by using GPS spoofing and trilateration — the use of algorithms based on longitude, latitude, and altitude to create a three-point map of a user’s location.
“By supplying spoofed locations (latitude and longitude) it is possible to retrieve the distances to these profiles from multiple points, and then triangulate or trilaterate the data to return the precise location of that person,” the researchers say. Read more