Waze app can be hacked to display fake traffic jams

10:00 ET, 7 April 2014

Two Israeli students at Technion-Israel Institute of Technology were able to cause traffic jams hacking the popular navigation app Waze for a school project.

In many films we have seen bad hackers who were able to cause Traffic Jams causing death and destruction, this was possible because filmmakers are aware of the high penetration level in our ordinary life. Think to the paradigm of Internet of Things or the were able devices, humans are being nodes of a global network and who will control it will control the world. Is it possible to cause traffic jams with a cyber attack? The reply is yes, it’s hard, but not impossible. I desire to share with you this curious news, hackers can cause traffic jams just deceiving your navigation Smartphone application. It’s interesting to note that the attackers were able to cause traffic jams without interfering with any infrastructure neither hacking the traffic light systems. Shir Yadid and Meital Ben-Sinai, two Israeli students at Technion-Israel Institute of Technology, demonstrated that it is possible hacking a popular navigation app. The news was reported by the journal Haaretz, The two students were assigned by college to hack Google-owned Waze GPS app, it is a popular mobile application that provides indications and useful information on the status of the traffic, including alerts on traffic jams and accidents.


Waze navigation app is widely used in Israel, recently Google acquired the firm for $1 billion. The students created an application was able to introduce in the navigation application Waze information to case the reporting of fake traffic jams. Of course they used a demo simulator to launch the cyber attack, the experiment succeeded in demonstrating that a bad actor could cause traffic jams inoculating fake information in any similar app. The strategy adopted by the students is quite simple, similar to the one I proposed years ago to poison social networks, they registered thousands of fake Waze users using bogus GPS coordinates. The positions assigned to each fake profile are interpreted by the navigation application that when note a great number  of users in the same place trigger an alert for a traffic jam with obvious consequences.

The attackers could deliberately raise the alerts for traffic jams in different areas of a city, causing the traffic direction to roads non so crawled, in reality the entire traffic will be hijacked in the same place causing the traffic congestions.

The students have already informed Waze of the attack, providing the results of the experiments to the Waze company.

Pierluigi Paganini

(Editor-In-Chief, CDM)




FAIR USE NOTICE: Under the "fair use" act, another author may make limited use of the original author's work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of copyrighted material "for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright." As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner's exclusive rights. Cyber Defense Media Group is a news reporting company, reporting cyber news, events, information and much more at no charge at our website Cyber Defense Magazine. All images and reporting are done exclusively under the Fair Use of the US copyright act.

Global InfoSec Awards 2021

We are in our 9th year, and these awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.