This repository contains the results of a January 2021 investigation into Android apps that contain location tracker Software Development Kits (SDKs). We call this effort "Investigation Xoth." This research was conducted by Sean O'Brien of the ExpressVPN Digital Security Lab with the aid of Esther Onfroy of the Defensive Lab Agency. Findings are described on our website.
We encourage users to independently validate the investigation results. This information is released for consumer awareness only and should be interpreted by security professionals.
Consumers: Consult our list of all apps.
Researchers: Consult the files below.
- SDK Signatures: List of SDK signatures identified in apps
- All Apps: JSON | CSV - List of all apps
- Exponea (Infinario): JSON | CSV - List of all apps containing Exponea
- Fysical (BeaconsInSpace): JSON | CSV - List of all apps containing Fysical
- GeoUniq (Cloud4Wi): JSON | CSV - List of all apps containing GeoUniq
- OneAudience: JSON | CSV - List of all apps containing OneAudience
- Opensignal: JSON | CSV - List of all apps containing Opensignal
- Placed (Foursquare): JSON | CSV - List of all apps containing Placed
- Predicio: JSON | CSV - List of all apps containing Predicio
- Quadrant: JSON | CSV - List of all apps containing Quadrant
- Sense360: JSON | CSV - List of all apps containing Sense360
- SignalFrame (Wireless Registry)**: JSON | CSV - List of all apps containing SignalFrame
- Sygic: JSON | CSV - List of all apps containing Sygic
- X-Mode: JSON | CSV - List of all apps containing X-Mode
If you have any questions or suggestions regarding these findings, email us at digital-security-lab@expressvpn.com.