@January 21, 2025

Tracing a Mobile Device back to it’s Approximate Location

A research hacker shared an interesting (quite technical) article that shows how your mobile device can be traced back to a data center somewhere near your location.

The article details how this works potentially without any user-action on Signal, Discord and Telegram but it can be applied to many more instant messengers or even other apps or services.

How the Attack Works

A picture is sent to you in the form of a link-preview, emoji or avatar which your phone’s app automatically downloads when it gets the push-notification. The attacker then observes which data-center caches your request and infers that your location is likely in its vicinity. If you have multiple devices and the request is cached in multiple locations the location is assumed to be in the intersection of both data center’s approximate radii.

How the Companies Reacted

The researcher diligently reached out to the companies but got little attention as they don’t see themselves responsible for protecting your device’s location.

Bitcreed agrees with the companies’ reasoning as there are means to prevent this kind of tracking by using a VPN service. Data prices and access latency would sky-rocket if every request on the internet first had to be sent across the globe multiple times. For this reason, we believe that anonymization should be done where it is meaningful.

Read the full article by following the next link. Kudos to Daniel for doing this at 15 years of age!

https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117

Our VPN Recommendation

Contact us, if you’re interested in setting up a VPN. We partner with Proton and recommend their great-value services for many day-to-day services. Check out our partner’s current and best offering on VPN deals

Proton VPN Proton VPN - Protect yourself online | Proton VPN

or read on as to when it makes sense to connect through a VPN:

As always, we’re happy to consult you on any questions.

Contact us