Hack Exploits Google Street View to Find Victims

A security researcher has developed an attack which can be used for stalking, using JavaScript and geolocation information from Google to determine a victim’s location.

During a presentation at the BlackHat conference last week, titled “How I Met Your Girlfriend,” Samy Kamkar discussed the new method in detail. It works as follows:

1) the hacker lures the victim to a website which uses JavaScript to steal the router’s Media Access Control address and report the unique identifier to Kamkar

2) the hacker then puts the stolen MAC address into Google Location Services, which gives him an address accurate to a few hundred feet.

“Their web browser is compelling this exploit for you,” Kamkar said. “Pretty cool.”

The slides from the presentation are here

email
Filed in: Cloud Tags: , , ,

You might like:

Stephan Thoma to Lead European Leaders’ Talent Development Division; Philip Randerson Comments Stephan Thoma to Lead European Leaders’ Talent Development Division; Philip Randerson Comments
Google Unveils Encryption Tool to Bolster Internet Security Google Unveils Encryption Tool to Bolster Internet Security
Trimble Opens Feedback Mgmt Service to Gov’t Clients; Rick Gosalvez Comments Trimble Opens Feedback Mgmt Service to Gov’t Clients; Rick Gosalvez Comments
Jeff Lovin: Woolpert Adds Google Maps Tech to Enterprise Geospatial Market Portfolio Jeff Lovin: Woolpert Adds Google Maps Tech to Enterprise Geospatial Market Portfolio
© 2014 ExecutiveBiz. All rights reserved.