How Samsung Phones Secretly Spy On Your Location

securestep9 profile image Sam Stepanyan Originally published at Medium on ・1 min read

While working on a mobile application security project for a client, I had to investigate all HTTPS calls made by an app using a “man-in-the-middle” technique essentially pushing all traffic from the test Samsung Galaxy S5 smartphone through an intercepting proxy. And I stumbled upon something really strange.

Every now and then the phone would send a POST request to the following URL:


What was interesting was in the payload. This was not a usual POST request, it contained the following 45-byte string:


which was the phone’s precise location! I obfuscated the exact digits with xxxx in the above example.

So, it appears that Samsung phones periodically “call home” and report their location to Samsung. Why this data collection happens? I will continue to investigate, but wanted to publish this information in case if somebody else comes across this mysterious “disaster-device” URL.

ThreatCrowd shows a bit more information about the target domain and associated subdomains:


Posted on by:

securestep9 profile

Sam Stepanyan


OWASP London Chapter Leader. Application Security (#AppSec) Consultant. WAF Specialist


Editor guide