A-GPS vulnerability could let hackers track your location, take over your phone

by: Mike AndriciJuly 31, 2012

smartphone gps hack

As the global adoption of smartphones has reached impressive levels during the past couple of years or so (with absolutely no sign of stopping anytime soon), it is surely not surprising to see that hackers have turned their evil eye towards exploiting the various weaknesses of your favorite mobile device. But although in the past we’ve talked how hackers exploit various soft spots in the OS, it turns out that attackers can actually use underlying technologies to get access to private information.

According to Ralf-Philipp Weimann, a researcher at the University of Luxembourg, Assisted GPS (A-GPS) is one of the technologies that hides such vulnerabilities. Just so that we’re clear, the “GPS” part of the technology isn’t what’s causing the problem, but rather the “assisted” part in the name. See, when your smartphone tries to pinpoint your location (either for displaying it on a map or for checking in various places via Forsquare), it asks the cellular network to provide an approximate location so that the GPS calculations are streamlined. Much to a potential hacker’s delight, these messages are not sent over a secured connection, but rather over “a non-secure Internet link”. And this is where the problems start rearing their ugly head!

Weimann claims that your smartphone can be tricked to exchange location-aware messages with an attacker instead of doing so with your cellular network. In short, the hacker will know exactly where your phone is each time you attempt a GPS lock. I for one, can seriously imagine that government agencies and other groups of interests with enough resources are already using this method to track down certain people.

And this is not the end of your problems, as Weimann also said that, because these messages are not interpreted by the GPS system or by the cellular radio, but go directly to the processor instead, malicious code can be used for a remote takeover of your smartphone.

Obviously, one question arises: since this vulnerability has been made public, isn’t it possible for malware developers to start taking advantage of this weakness? It sure is, but according Vincenzo Izzo (from the security company Trail of Bits), mobile hacking is still in its early days, albeit this might change in the not so distant future. Izzo also stated that “exploitation for the time being is not going to be a big problem in mobile, but mobiles are more complex compared to desktops and so offer more places to explore”.

Scared by this newly discovered vulnerability? Let us know in the comment section below!

  • Linh

    Interesting. There are many times I found I was in China when I was actually in Sai Gon, Vietnam, 2500 km far from the location that my smartphone detected. Did it mean that the surrounding computer networks had been hacked and its traffic was routed to a server in China?

  • tzuik

    easy to avoid: go to settings – location – disable Assisted GPS. of course it takes longer for the GPS to lock your position but come on, 1min wait time instead of being hacked/tracked… i think it’s worth it!

  • Rob

    Factually incorrect the base station will not tell you where you are – it will give you its ID. You then need to go to a database to see where that base station is.