Some background, I was a hacker for 15 years and survived some heinous shit including attempts of doxing by class enemies and actually being hunted by feds. But one of the techniques keeps coming back from the death all those decades is Electron web app framework HTTP leak. It’s a very simple 0day but niche to the point that Electron devs somehow can’t patch it. What this HTTP leak attack does is it allow traffic from an app client to be traced as soon as the attacker made contact with the client network server. Electron leaks both private and public IP addresses of user. You can demonstrate this yourself with just a reddit app and chat function, and tracert. It’s a trivia bug but if you have heard of things like Xbox, psn or steam resolver, it’s basically just Electron HTTP leak attack. And it costs actual thousands of human lives in both global south, and in US especially the Andrew Finch murder in Wichita because the doxer used resolver. And that’s a thing, once you get the IP, you can locate the target’s ISP narrowing down the subnet of it. But because Palestine subnet is significantly smaller than US, Zionist and American intelligence can just increase accuracy through host discovery or ping scanning to correlate all connected targets in the same network pinpoint exact device Electron leaking. Please consider this in your opsec.
I thought it was through the phone. Android can ping your location, so they know where you are.
This 0day reduces the complications of using other techniques that the victim would discover they’re being tracked. Even if you use a Graphene and you have any of the apps like Signal that use Electron, you will be tracked. I remember Dessalines addressed this before that Signal leaks IP but they didn’t know it because Electron. All you need to do is just ping a packet to make contact with the victim’s device app and that device will ping back your location. It was Iran who also published that WhatsApp and Messenger use ping scan to map network, and mentioned IP leaking.