New Malware Tracks Smartphone-Using Commuters in the Subway

Researchers from Nanjing University in China have shown that Android smartphone owners’ actual movements and goings-on can be tracked by simply analyzing and compiling the data recorded and provided by the device’s orientation sensors and accelerometers. Since these features of a phone are predominantly used by applications with special permissions, phones are more vulnerable to breaches of user privacy, unlike GPS data, which is harder for malicious applications and attackers to harvest.

The research paper, the test and its startling results.

In a paper aptly named “We Can Track You If You Take the Metro: Tracking Metro Riders Using Accelerometers on Smartphones”, the team of researchers from Nanjing University revealed to the world that they were able to tap into and gather accelerometer readings in users’ phones.

In essence, this helps chart the entire route taken by commuters. Using an ‘interval classifier’ built on semi-supervised machine learning techniques, the team of researchers merged accelerometer and train location data to assess where a commuter was. Additional malware was then installed on eight different volunteer phones which gathered and remotely uploaded the accelerometer readings from each phone.

The theory was put to the test on a metro in a major Chinese city. The results were indeed startling. The eight volunteers were easily tracked while visiting four and six stations with an astonishing accuracy of between 89 and 92 percent, respectively for the number of stations. The researchers added that the accuracy could also be improved, as long as other stations were covered for their location data.

“We believe this finding is especially threatening for three reasons,” the researchers assessed.

“First, current mobile platforms such as Android allow applications to access accelerometer without requiring any special privileges or explicit user consent, which means it is extremely easy for attackers to create stealthy malware to eavesdrop on the accelerometer. Second, metro is the preferred transportation mean for most people in major cities. This means a malware based on this finding can affect a huge population,” they pointed out.

A good example of a major city and its subway would be the New York City Subway, which has anywhere between 2.5 and 5.5 million subway commuters every single day.

“Last and the most importantly, metro-riding traces can be used to further infer a lot of other private information. For example, if an attacker can trace a smartphone user for a few days, he may be able to infer the user’s daily schedule and living/working areas and thus seriously threaten her physical safety.”

The researchers add that there are a few ways of preventing such attacks:

  • Introducing noise into Android sensor readings will essentially dispel and scramble location-based readings and information.
  • Keeping track of applications with high battery usage should raise a few red flags since, in theory, constant pings and requests for data by malicious apps will spike battery usage.
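
The battery-usage check in the second point can be made more specific than "high usage": a game drains the battery while it is on screen, whereas an app that samples a sensor continuously keeps draining while never being in the foreground. The following sketch is an added example, not code from the researchers' paper; the record format, app names and thresholds are assumptions, and the sample data is constructed.

```python
from collections import defaultdict

# Constructed sample data (not from the paper): one record per app per hour,
# as (app, hour, battery_pct_used, foreground_minutes). Field layout is assumed.
HOURS = range(8, 14)
SAMPLES = (
    # Game: heavy drain, but only while the user has it on screen.
    [("com.example.game", h, 7.0 if h < 10 else 0.2, 45 if h < 10 else 0)
     for h in HOURS]
    # Music player: background drain for two hours, then idle.
    + [("com.example.music", h, 1.2 if h < 10 else 0.0, 0) for h in HOURS]
    # "Flashlight" app: never on screen, yet drains steadily every hour.
    + [("com.example.flashlight", h, 1.5, 0) for h in HOURS]
)

def flag_background_drainers(samples, min_pct=1.0, min_hours=4, min_ratio=0.75):
    """Return {app: stats} for apps with sustained drain while never on screen.

    An hour counts as "hot" when the app used at least min_pct of battery with
    zero foreground minutes. An app is flagged when it has at least min_hours
    hot hours and they make up at least min_ratio of its observed hours.
    A flag is a prompt for manual review, not proof of malicious behaviour.
    """
    per_app = defaultdict(list)
    for app, hour, pct, fg_min in samples:
        per_app[app].append((hour, pct, fg_min))

    flagged = {}
    for app, rows in per_app.items():
        background = [(h, p) for h, p, fg in rows if fg == 0]
        hot = [h for h, p in background if p >= min_pct]
        if len(hot) >= min_hours and len(hot) / len(rows) >= min_ratio:
            flagged[app] = {
                "background_hours": len(hot),
                "background_pct": round(sum(p for _, p in background), 2),
            }
    return flagged

if __name__ == "__main__":
    for app, stats in flag_background_drainers(SAMPLES).items():
        print(app, stats)
```

Long-running legitimate background apps (navigation, fitness tracking) will also match, so the output is a review list to compare against what each app is supposed to do.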