Fitness App Strikes Again as Platform is Used to Track Israeli Soldiers, Secret Military Bases
23:25 GMT 21.06.2022 (Updated: 17:26 GMT 15.01.2023)
The San Francisco-based Strava company is used by more than 95 million people across 195 countries. The tracking app allows users to upload their running or cycling routes and compare respective performances to other users.
Unidentified users have been using the Strava fitness app to keep track of movements made by Israeli soldiers stationed on secretive military bases, an Israeli watchdog has revealed.
Disinformation watchdog FakeReporter detailed in its findings that fake users had uploaded false running "segments" from military installations onto the tech platform, allowing verified users to then work off the falsified running route and add their own progress to further complete a so-called 'map.'
Strava's tracking tools are effectively designed to allow any user to tack on their own map "segments" to either complete or design their running course on any previously uploaded route. However, Strava's flaw is that the app has no way of being able to tell whether the map uploads are legitimate.
Achiya Schatz, executive director for FakeReporter, told the Jerusalem Post that despite past security updates to the app, the flaw remained. At least 100 Israeli individuals who exercised across six military bases appeared to be affected by the security snag, even though their accounts had been private.
Officials determined that in order for users to be completely barred from prying eyes, they needed to set their profiles so they're only visible to their followers, as well as ensure that each running course is set to private.
"By exploiting the capability to upload engineered files, revealing the details of users anywhere in the world, hostile elements have taken one alarming step closer to exploiting a popular app in order to harm the security of citizens and countries alike," Schatz said.
After informing the Israeli military of the tech issue, FakeReporter notified representatives at Strava, who then took 'necessary steps' to rectify the matter.
29 January 2018, 05:15 GMT
Incidentally, this latest snag comes years after Strava was at the center of a similar controversy in 2018, when it was discovered that maps on the app publicized the location and layout of various military bases in Afghanistan, Nevada and the Falkland Islands.