- Популярные видео
- Авто
- Видео-блоги
- ДТП, аварии
- Для маленьких
- Еда, напитки
- Животные
- Закон и право
- Знаменитости
- Игры
- Искусство
- Комедии
- Красота, мода
- Кулинария, рецепты
- Люди
- Мото
- Музыка
- Мультфильмы
- Наука, технологии
- Новости
- Образование
- Политика
- Праздники
- Приколы
- Природа
- Происшествия
- Путешествия
- Развлечения
- Ржач
- Семья
- Сериалы
- Спорт
- Стиль жизни
- ТВ передачи
- Танцы
- Технологии
- Товары
- Ужасы
- Фильмы
- Шоу-бизнес
- Юмор
SecTor 2025 | Tracking You Across Apps and the Web Hydra-Style
While Android promises to prevent applications from exchanging tracking data directly, this sandbox is brittle and allows apps to share data across apps and the Web.
We found HyTrack, a robust new tracking technique for Android. Apps could use it to track you extensively and then sell your data or generate revenue with personalized ads outside your control! HyTrack is independent of standard tracking techniques such as AD IDs or fingerprinting. Trackers can use it to track your application usage across sandbox barriers in multiple apps and websites you use in your default browser. HyTrack abuses a new browser feature called Custom Tabs and Trusted Web Activities. Hytrack is both covert, hiding perfectly in plain sight, and additionally, it is Hydra-like! It is hard to get rid of: If you attempt to delete parts of it on your device, it will regrow. Hytrack will survive re-installations of applications and other deletion attempts. Even getting a new phone will not help you if you don't take precautions.
In multiple studies, we measured whether applications in the wild already use HyTrack. We will discuss the mechanisms behind HyTrack, check which browsers and devices are affected (Spoiler: all major Android browsers), and discuss possible mitigations and why defenses are non-trivial. But it is vital to discuss defenses right now, as it looks like we discovered HyTrack before the trackers did. Therefore, we should act now, both individually and as a community!
By:
Malte Wessels | PhD Student, TU Braunschweig
Presentation Materials Available at:
https://blackhat.com/sector/2025/briefings/schedule/#hytrack-tracking-you-across-apps-and-the-web-hydra-style-47217
Видео SecTor 2025 | Tracking You Across Apps and the Web Hydra-Style канала Black Hat
We found HyTrack, a robust new tracking technique for Android. Apps could use it to track you extensively and then sell your data or generate revenue with personalized ads outside your control! HyTrack is independent of standard tracking techniques such as AD IDs or fingerprinting. Trackers can use it to track your application usage across sandbox barriers in multiple apps and websites you use in your default browser. HyTrack abuses a new browser feature called Custom Tabs and Trusted Web Activities. Hytrack is both covert, hiding perfectly in plain sight, and additionally, it is Hydra-like! It is hard to get rid of: If you attempt to delete parts of it on your device, it will regrow. Hytrack will survive re-installations of applications and other deletion attempts. Even getting a new phone will not help you if you don't take precautions.
In multiple studies, we measured whether applications in the wild already use HyTrack. We will discuss the mechanisms behind HyTrack, check which browsers and devices are affected (Spoiler: all major Android browsers), and discuss possible mitigations and why defenses are non-trivial. But it is vital to discuss defenses right now, as it looks like we discovered HyTrack before the trackers did. Therefore, we should act now, both individually and as a community!
By:
Malte Wessels | PhD Student, TU Braunschweig
Presentation Materials Available at:
https://blackhat.com/sector/2025/briefings/schedule/#hytrack-tracking-you-across-apps-and-the-web-hydra-style-47217
Видео SecTor 2025 | Tracking You Across Apps and the Web Hydra-Style канала Black Hat
Комментарии отсутствуют
Информация о видео
16 апреля 2026 г. 1:30:07
00:42:06
Другие видео канала
