{"id":11141,"date":"2018-08-30T10:13:28","date_gmt":"2018-08-30T10:13:28","guid":{"rendered":"http:\/\/bd54791e-c92c-4330-8f19-7d307b5bdfb5"},"modified":"2018-08-30T10:13:28","modified_gmt":"2018-08-30T10:13:28","slug":"android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\/","title":{"rendered":"Android &#8216;API breaking&#8217; vulnerability leaks device data, allows user tracking"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/zdnet1.cbsistatic.com\/hub\/i\/r\/2018\/08\/30\/1f99873c-e142-4436-87a3-caff2eeeef87\/thumbnail\/770x578\/9e766c08d6d234d610ee7df7ee6c0f42\/screen-shot-2018-08-30-at-08-52-16.png\" class=\"ff-og-image-inserted\"\/><\/div>\n<p>A vulnerability has been discovered in the Google Android operating system which could allow cyberattackers to covertly capture Wi-Fi broadcast data in order to track users.<\/p>\n<div class=\"relatedContent alignRight\">\n<h3 class=\"heading\"><span class=\"int\">More security news<\/span><\/h3>\n<\/div>\n<p>On Wednesday, researchers from Nightwatch Cybersecurity <a href=\"https:\/\/wwws.nightwatchcybersecurity.com\/2018\/08\/29\/sensitive-data-exposure-via-wifi-broadcasts-in-android-os-cve-2018-9489\/\" target=\"_blank\" rel=\"noopener noreferrer\">said in a security advisory<\/a> that the bug, <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2018-9489\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2018-9489<\/a>, was discovered in the operating system&#8217;s communication management programming.<\/p>\n<p>Nightwatch Cybersecurity researcher Yakov Shafranovich said that Android devices broadcast information about the user&#8217;s device to applications running on the system. This information can include Wi-Fi network names, BSSID, local IP addresses, DNS server data and MAC addresses &#8212; although the latter has been hidden via APIs in Android version 6 and higher.<\/p>\n<p>By listening in to these data streams, apps can capture the information, often for legitimate purposes.<\/p>\n<p>However, when rogue apps eavesdrop, this can lead to sensitive information disclosure and attackers may be able to attack local Wi-Fi networks or use MAC addresses to track unique Android devices.<\/p>\n<p>It is also possible to geotrack users through the network name and BSSID by using database lookups.<\/p>\n<p>&#8220;While functionality exists to restrict who is allowed to read such messages, application developers often neglect to implement these restrictions properly or mask sensitive data,&#8221; the researcher says. &#8220;This leads to a common vulnerability within Android applications where a malicious application running on the same device can spy on and capture messages being broadcast by other applications.&#8221;<\/p>\n<section class=\"sharethrough-top\" data-component=\"medusaContentRecommendation\" data-medusa-content-recommendation-options=\"{&quot;promo&quot;:&quot;promo_ZD_recommendation_sharethrough_top_in_article_desktop&quot;,&quot;spot&quot;:&quot;dfp-in-article&quot;}\">\n<\/section>\n<p><strong>TechRepublic: <a href=\"https:\/\/www.techrepublic.com\/article\/android-p-cheat-sheet\/\" target=\"_blank\" rel=\"noopener noreferrer\">Android Pie: Cheat sheet<\/a><\/strong><\/p>\n<p>Android uses &#8220;intents&#8221; for inter-process information alongside a number of permissions as safeguards against eavesdropping or data leaks.<\/p>\n<p>The OS utilizes two intents in order to broadcast information system-wide. The intents are WifiManager&#8217;s &#8220;Network state changed action&#8221; and WifiP2pManager&#8217;s &#8220;Wi-Fi P2P this device changed action.&#8221;<\/p>\n<p>Applications can tap into this information on the user device and when accessed through WifiManager, the &#8220;Access Wifi state&#8221; permission is usually required. Access to geolocation data normally requires either the &#8220;access fine location&#8221; or &#8220;access coarse location&#8221; permissions.<\/p>\n<p><strong>See also: <a href=\"https:\/\/www.zdnet.com\/article\/android-9-pie-new-features-release-date-and-everything-you-need-to-know\/\">Android 9 Pie: New features, release date, and everything you need to know<\/a><\/strong><\/p>\n<p>However, when an application is simply listening for system broadcasts, the permissions required are circumvented, which could allow rogue and malicious apps to capture this data without the knowledge of the user.<\/p>\n<p>&#8220;Because MAC addresses do not change and are tied to hardware, this can be used to uniquely identify and track any Android device even when MAC address randomization is used,&#8221; Shafranovich said. &#8220;The network name and\/or BSSID can be used to geolocate users via a lookup against a database like WiGLE or SkyHook.&#8221;<\/p>\n<p>The team tested a variety of Android devices, all of which demonstrated the same behavior. However, in some cases, the real MAC address was not displayed in the &#8220;Network state changed action,&#8221; intent, but was available through the &#8220;Wi-Fi P2P this device changed action,&#8221; intent.<\/p>\n<p>All versions of Android, including OS forks &#8212; such as Amazon&#8217;s Kindle FireOS &#8212; are believed to be affected, potentially impacting millions of users.<\/p>\n<p>The cybersecurity firm initially reported its findings to Google in March. Following an investigation which took several months, a CVE number was assigned to the vulnerability and Google developed a fix in July.<\/p>\n<p>The patch was confirmed in early August, leading to the public disclosure of the vulnerability.<\/p>\n<p><strong>CNET: <a href=\"https:\/\/www.cnet.com\/news\/pixel-3-xl-rumors-russian-leak-google-launch-specs-release-date-price-leaks-android-pie-notch\/\" target=\"_blank\" rel=\"noopener noreferrer\">Pixel 3 and Pixel 3 XL: Rumored specs, features, leaks, price, release date<\/a><\/strong><\/p>\n<p>Google has fixed the security flaw in the latest version of the Android operating system, Android P, also known as Android 9 Pie.<\/p>\n<p>However, the tech giant will not fix prior versions of Android as resolving the vulnerability &#8220;would be a breaking API change,&#8221; according to the cybersecurity firm.<\/p>\n<p>Earlier this month, Google announced the <a href=\"https:\/\/www.zdnet.com\/article\/android-9-pie-new-features-release-date-and-everything-you-need-to-know\/\">launch of Android 9 Pie<\/a>, which is already rolling out to Android users on some devices.<\/p>\n<p>Android devices manufactured by vendors including Nokia, Xiaomi, and Sony will receive the updated OS by the end of fall. The update includes new gesture navigation, themes, and adaptive settings for screen brightness and battery life, among others.<\/p>\n<p>Users able to upgrade to Android 9 are encouraged to do so.<\/p>\n<p>ZDNet has reached out to Google with additional queries and will update if we hear back.<\/p>\n<h3>Previous and related coverage<\/h3>\n<p>READ MORE <a href=\"https:\/\/www.zdnet.com\/article\/android-operating-system-vulnerability-leaks-device-data-allows-user-tracking\/#ftag=RSSbaffb68\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A vulnerability in the Android operating system can be used to track users without their knowledge.<br \/>\nREAD MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":11142,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[62],"tags":[],"class_list":["post-11141","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-zdnet-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Android &#039;API breaking&#039; vulnerability leaks device data, allows user tracking 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Android &#039;API breaking&#039; vulnerability leaks device data, allows user tracking 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-08-30T10:13:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/08\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking.png\" \/>\n\t<meta property=\"og:image:width\" content=\"770\" \/>\n\t<meta property=\"og:image:height\" content=\"578\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Android &#8216;API breaking&#8217; vulnerability leaks device data, allows user tracking\",\"datePublished\":\"2018-08-30T10:13:28+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\\\/\"},\"wordCount\":704,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/08\\\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking.png\",\"articleSection\":[\"ZDNet | Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\\\/\",\"name\":\"Android 'API breaking' vulnerability leaks device data, allows user tracking 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/08\\\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking.png\",\"datePublished\":\"2018-08-30T10:13:28+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/08\\\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/08\\\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking.png\",\"width\":770,\"height\":578},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Android &#8216;API breaking&#8217; vulnerability leaks device data, allows user tracking\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Android 'API breaking' vulnerability leaks device data, allows user tracking 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\/","og_locale":"en_US","og_type":"article","og_title":"Android 'API breaking' vulnerability leaks device data, allows user tracking 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-08-30T10:13:28+00:00","og_image":[{"width":770,"height":578,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/08\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Android &#8216;API breaking&#8217; vulnerability leaks device data, allows user tracking","datePublished":"2018-08-30T10:13:28+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\/"},"wordCount":704,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/08\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking.png","articleSection":["ZDNet | Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\/","url":"https:\/\/www.threatshub.org\/blog\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\/","name":"Android 'API breaking' vulnerability leaks device data, allows user tracking 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/08\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking.png","datePublished":"2018-08-30T10:13:28+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/08\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/08\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking.png","width":770,"height":578},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/android-api-breaking-vulnerability-leaks-device-data-allows-user-tracking\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Android &#8216;API breaking&#8217; vulnerability leaks device data, allows user tracking"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/11141","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=11141"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/11141\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/11142"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=11141"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=11141"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=11141"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}