Unidentified Operatives Have Been Tracking Israeli Military Personnel Using Strava Fitness App

Russians can't download Windows 10 and 11 ISOs, Phishing campaign against Facebook users nets hundreds of millions of credentials, Office 365 and Outlook phishing campaign steals credentials, more

Check out my latest CSO column that delves into the details of the Russian hack of satellite provider Viasat and reviews how satellite-based assets are not immune to cyberattacks.

Photo by Tim Foster on Unsplash

Israeli open-source intelligence outfit FakeReporter discovered that unidentified operatives have been using the fitness tracking app Strava to spy on members of the Israeli military, even those who have the strongest possible account settings. The operatives have been tracking the military personnel’s movements across secret bases around the country and potentially observing them as they travel the world on official business.

Strava’s tracking tools allow anyone to define and compete over “segments,” short sections of a run or bike ride that may be regularly raced over, such as a long uphill climb on a popular cycling route or a single circuit of a park. But users can also upload their own segments, with Strava having no way of determining whether those GPS uploads are legitimat…