Home > Security > Security News

Gravy Analytics Data Leak Exposes Alarming Location-Spying Activity

Published on January 11, 2025
Written by:
Vishwa Pandagle
Vishwa Pandagle
Cybersecurity Staff Editor
Hackers Accessing Location Data
Summarize with:
ChatGPT logo ChatGPT Claude.ai logo Claude.ai Google AI logo Google AI Grok logo Grok Perplexity logo Perplexity
Google logo Add as preferred source on Google

In a startling revelation, it was found that a location intelligence company, Gravy Analytics, was storing location information from thousands of apps globally. This was done through advertisements that reflected on apps that stored users’ locations. 

Oddly enough, most app companies seemed unaware or oblivious to the location spying activities conducted using their platform. The massive location data infiltration scandal came to light when a hacker posted on the dark web that they stole data from Gravy Analytics. 

Screenshot of the Russian hacker forum XSS.
Screenshot of the Russian hacker forum XSS | Source: 404 Media

Following this, researchers found a post on the Russian cybercrime forum XSS boasting about the data exfiltration from Gravy Analytics. The hacker claimed to have information including but not limited to IP, bssid, email, user agent, and profile.

Reacting to the amassing of location data, the hacker exclaimed, “They are really everywhere, and who supplies them with data.. You can’t even imagine a scheme using front companies…”privacy” reports but with stored, “deleted” or “masked”.

The hacker threatened to publish the data on XSS within 24 hours if their demands were not met. 

Taking cognizance of the gravity of the location data exposure, several data analysts, and cybersecurity experts jumped to the scene to investigate the truthfulness of the claim. 

They found that the data stored by app stores did not have a time stamp. However, some samples indicated that they were from 2024. The Season 5 iteration of the mobile gaming app Call of Duty, launched in May 2024, was found in the list. 

Upon enquiring, a few of the named companies replied. Muslim Pro denied knowing Gravy Analytics. However, it did mention the need to float ads on apps to keep the service free for users. Likewise, Tinder also denied having heard of Gravy Analytics.

Although it is claimed that the hacker stole the geolocation data from Gravy Analytics, it could not be said with certainty whether it collected or sourced information from its client companies. It is also suspected that threat actors used Google Ads to get location data.

The number of apps named in the location data heist is estimated to be over 12,000. Popular apps include Accu Weather, Super Fast VPN Proxy-Better, Chess, Capcut, Tinder, Moovit, Temple Run, Viber, and MyFitnessPal. 

The list includes apps available on Android and iOS belonging to various categories. A few of them are as follows:

VPN

  1. HotspotShield VPN & Wifi Proxy
  2. HaloVPN Lite: Fast VPN Proxy
  3. Japan VPN
  4. Offline: Files, Browser, VPN
  5. VPN Expert - Secure VPN Proxy
  6. X-VPN Unlimited VPN Proxy
  7. Voice VPN - Fast VPN
  8. vpnify - Unlimited VPN Proxy
  9. SecVPN Proxy Tool
  10. VPN - Fast Secure Proxy
  11. Free VPN Proxy by Planet VPN
  12. VPN - Super Unlimited Proxy
  13. U-VPN (Unlimited & Fast VPN)
  14. HulaVPN - Fast Secure VPN
  15. VPNIFY - Unlimited VPN
  16. X-VPN Unlimited VPN Proxy
  17. Voice VPN - Fast VPN
  18. Rapid VPN - Safe Secure Proxy
  19. Turbo VPN Private Browser

Games

  1. Run Race 3D — Fun Parkour Game
  2. Jigsaw Puzzle
  3. LUDO
  4. Wood Block Puzzle - Block Game
  5. Spider Solitaire: Card Game
  6. Acertijo Mental: Brain Games
  7. Bubble Boxes - Matching Games
  8. Rummy - free card game
  9. Life Choices: Simulation Games
  10. Daily Bible Trivia: Quiz Games
  11. Backpack Brawl
  12. Bible Word Cross Puzzle
  13. Score! Hero
  14. Richie Games - Play & Earn
  15. Subway Surfers
  16. Solitäre
  17. Angry Birds Match 3
  18. Bible Verse Collect - Free Bible Word Games
  19. Mason Craft
  20. Draw Puzzle Line: Brain Games

Health and Fitness

  1. LazyShape: Weight Loss at Home
  2. Lose Weight App - Fitness
  3. Health Recorder - Heart Rate
  4. BMI Log
  5. Drink Water Reminder & Fasting
  6. Lose Weight App - Fitness
  7. Blood Pressure - Blood Sugar
  8. Blood Sugar
  9. Blood Pressure Tracker & Diary
  10. Daily Yoga: Fitness+Meditation
  11. BP Cozy
  12. BP CirculationCheck
  13. Natural Remedies: healthy life
  14. Healthy Guy
  15. Health Kit
  16. Health Tracker
  17. HeartEntry
  18. Period Tracker & Diary
  19. Pregnancy Due Date Calculator
  20. MMMMental health test

Religion

  1. Muslim Pro
  2. Religion Inc. God Simulator
  3. Bible Verse Collect - Free Bible Word Games
  4. MuslimOn: دعاء القرآن الآلي
  5. Bible Trivia

Other Apps

  1. BABEL: International Chat & Dating
  2. BitBible 繁體 (自動讀聖經)
  3. Injustice: God Among Us
  4. Jackpotland: Casino Slots
  5. Java Edition Mod for Minecraft
  6. Learn Guitar - Real Tabs
  7. Laser for dogs and cats
  8. Indian Constitution
  9. Haberler.com: Türkiye ve Dünya Gündemi
  10. Home Flip
  11. Idle Streamer!
  12. Home Plumbing System Guide
  13. IPTV ZEUS
  14. Money Rush
  15. Motivational Quotes
  16. Messages: Phone SMS Text App
  17. MindSync: AI Photo Editor
  18. Mp3 Music Download @Downloader
  19. My Talking Hello Kitty
  20. My Schedule
  21. NewsBreak: Local News & Alerts
  22. Mp3 Song Downloader App
  23. My Diary - Daily Diary Journal
  24. MPP - the social predictor
  25. Mosquito io
  26. Video Downloader for Twitter
  27. Find phone by claps
  28. Vector
  29. Cricball - Sports Live
  30. Crypto Miner: Bitcoin Factory
  31. Cyber Cleaner
  32. Disney Magic Kingdoms
  33. Deliveries Package Tracker
  34. Poly.AI - Create AI Chat Bot
  35. AVG Cleaner – Storage Cleaner
  36. Hollywood Story®: Fashion Star
  37. Bitcoin Pusher
  38. Car Trade Dealership Simulator
  39. Live Talk - Live Video Chat
  40. SPOX Sportnews
  41. Road Trip: Royal merge games
  42. FoxFM - File Manager
  43. GPS Map Camera: Geo tag Stamps
  44. Gallery - Photo Vault
  45. File Explorer
  46. Driving School 2017
  47. ET Markets : Stock Market App
  48. Todo List
  49. Tata Cara Ruqyah Lengkap
  50. かんたんゲームプレイヤー byGMO
  51. WSM - Women's Soccer Manager
  52. Voice Recorder Pro
  53. NDTV News App
  54. Sandbox - Physics Simulator
  55. KungFu Academy
  56. Match Academy : PVP Match3
  57. Bus Simulator Indonesia
  58. Disney Frozen Free Fall Games
  59. US Taxi Car Parking Simulator
  60. QR Code & Barcode Reader Plus
  61. DWG FastView-CAD Viewer&Editor
  62. Police Pursuit
  63. iScanner: PDF & OCR Scanner
  64. Grindr - Gay chat
  65. MetroZone
  66. Traffic Buster: Parking Escape
  67. Criminal Case
  68. Police Car Driving - Motorbike Riding
  69. The Weather Network: Local Forecasts & Radar Maps
  70. Speed Test & Wifi Analyzer +
  71. All Email Connect
  72. Document Reader: PDF, Word Doc
  73. Supermarket Simulator 3D
  74. Robux Easy Scratch
  75. Password Master
  76. WordBit Tedesco (German for Italian)
  77. Public Transport Simulator
  78. Wattpad  -  Stories you'll love
  79. Remote Play Controller for PS
  80. Radio Turkey - FM Radio
  81. Rakuten TV- Movies & TV Series
  82. EA SPORTS™ UFC® Mobile 2
  83. InDating — Dating and Chat
  84. Canal Constructor
  85. Golf Rival
  86. SHAREit: Transfer, Share Files
  87. Pixlr – Photo Editor
  88. Bitcoin Spin
  89. BuzzFeed - Quizzes & News
  90. AppLock
  91. Driving Zone: Germany
  92. CamScanner-PDF Scanner App
  93. Times Of India - News Updates
  94. Video downloader - Story Saver
  95. Portable ORG Keyboard
  96. Ynet
  97. Quick QR Scan
  98. CCleaner – Phone Cleaner
  99. King James Bible - Verse+Audio
  100. Currency Converter Plus
  101. Moovit: Bus & Train Schedules
  102. Pixel Art - Color by Number
  103. Pi Network
  104. My Calendar - Period Tracker
  105. Gas Station Idle
  106. Airport Security
  107. Moneywalk Step Counter&Rewards
  108. Snowball.io
  109. EMERGENCY HQ: rescue strategy
  110. Amerigo File Manager
  111. Weather Radar - Meteored News
  112. imo-International Calls & Chat
  113. Vinted - Buy and sell clothes
  114. Happy Color®: Coloring Book
  115. CHAM - Meet Random People

The list includes almost all the types of apps an app store could have in different languages, including VPNs that serve the purpose of hiding your online identity. 

It is worth noting that a huge number of the apps were related to games, VPN, and recreation, pointing toward the intent of the culprit, who was looking to trace players across the globe. 

Researchers found millions of mobile phone service coordinates in the U.S., Russia, and Europe.

Gravy Analytics accesses mobile phone location data received from its sources and sells to the US government and other companies. 

In December 2024, the Federal Trade Commission banned a host of companies from accessing user location data. Some of these companies also worked with U.S. law enforcement agencies. The FTC banned Gravy Analytics and Venntel, its subsidiary, from selling, sharing, or accessing location data barring a few circumstances. 

Add a Comment
Related
CISCO
Attackers Breach US Agency via Cisco Firepower and Secure Firewall Devices, Distribute Firestarter Malware
Calling - Support Staff - Phone - Laptop
UNC6692 Deploys Custom SNOW Malware via Impersonating IT Helpdesks on Microsoft Teams
Vercel Investigation Discovers More Compromised Accounts in Context.ai Breach and a Separate, Prior Breach
romance scam
US Sanctions Target Cambodian Senator Kok An and 28 Affiliates Over Global Scam Network
Malware Target
New China-aligned APT Deploys GopherWhisper Malware Against Mongolian Government
Tropic Trooper Deploys AdaptixC2 and Custom Beacon Listener
Most Popular
CISCO
Attackers Breach US Agency via Cisco Firepower and Secure Firewall Devices, Distribute Firestarter Malware
Calling - Support Staff - Phone - Laptop
UNC6692 Deploys Custom SNOW Malware via Impersonating IT Helpdesks on Microsoft Teams
Vercel Investigation Discovers More Compromised Accounts in Context.ai Breach and a Separate, Prior Breach
romance scam
US Sanctions Target Cambodian Senator Kok An and 28 Affiliates Over Global Scam Network
Malware Target
New China-aligned APT Deploys GopherWhisper Malware Against Mongolian Government
Tropic Trooper Deploys AdaptixC2 and Custom Beacon Listener
Attackers Breach US Agency via Cisco Firepower and Secure Firewall Devices, Distribute Firestarter Malware
UNC6692 Deploys Custom SNOW Malware via Impersonating IT Helpdesks on Microsoft Teams
Vercel Investigation Discovers More Compromised Accounts in Context.ai Breach and a Separate, Prior Breach
US Sanctions Target Cambodian Senator Kok An and 28 Affiliates Over Global Scam Network
New China-aligned APT Deploys GopherWhisper Malware Against Mongolian Government
Tropic Trooper Deploys AdaptixC2 and Custom Beacon Listener

Most Popular
CISCO
Attackers Breach US Agency via Cisco Firepower and Secure Firewall Devices, Distribute Firestarter Malware
Calling - Support Staff - Phone - Laptop
UNC6692 Deploys Custom SNOW Malware via Impersonating IT Helpdesks on Microsoft Teams
Vercel Investigation Discovers More Compromised Accounts in Context.ai Breach and a Separate, Prior Breach
romance scam
US Sanctions Target Cambodian Senator Kok An and 28 Affiliates Over Global Scam Network
Malware Target
New China-aligned APT Deploys GopherWhisper Malware Against Mongolian Government
Tropic Trooper Deploys AdaptixC2 and Custom Beacon Listener
Attackers Breach US Agency via Cisco Firepower and Secure Firewall Devices, Distribute Firestarter Malware
UNC6692 Deploys Custom SNOW Malware via Impersonating IT Helpdesks on Microsoft Teams
Vercel Investigation Discovers More Compromised Accounts in Context.ai Breach and a Separate, Prior Breach
US Sanctions Target Cambodian Senator Kok An and 28 Affiliates Over Global Scam Network
New China-aligned APT Deploys GopherWhisper Malware Against Mongolian Government
Tropic Trooper Deploys AdaptixC2 and Custom Beacon Listener

TechNadu keeps you informed with the latest in cybersecurity, VPNs, and technology. From expert guides to in-depth reviews, we provide the knowledge you need to stay secure and connected in the digital world.

© 2026 TechNadu. All Rights Reserved. TechNadu is a part of Leaprove Media LLP.

Close lightbox
Facebook
Twitter
Linkedin
Reddit
Email
Copy Link
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: