Connecting the Dots: An Investigative Study on Linking Private User Data Across Messaging Apps

Junkyu Kang

Network and Distributed System Security (NDSS) Symposium 2026 · Day 2 · Usable Security

Presented by So Lee (on behalf of Junkyu Kang), this collaborative research between KAIST and the University of Maryland demonstrates how privacy attacks that seem minor on individual messaging platforms become devastating when chained across multiple apps. The study evaluates three component-level attacks -- **contact discovery abuse**, **single sign-on token theft**, and **location inference** -- and shows how they can be combined using **linking keys** (shared identifiers like phone numbers and profile images) to execute end-to-end attacks including de-anonymization of anonymous accounts and targeted physical tracking campaigns. A single Kakao Talk account can perform over **150,000 contact discovery requests per day**, and the researchers successfully de-anonymized over **50% of anonymous Telegram accounts** by cross-referencing with Kakao Talk. The location inference algorithm reduced required queries from **600+ to just 12** while maintaining comparable accuracy.

AI review

A well-executed demonstration of cross-platform privacy attack chaining that takes individually known vulnerabilities (contact discovery, SSO token theft, proximity inference) and composes them into devastating end-to-end attacks including de-anonymization and physical tracking. The 150K queries/day on Kakao Talk and 50%+ de-anonymization rate of anonymous Telegram accounts are concrete, impactful results. The location inference efficiency improvement from 600 to 12 queries is a nice technical contribution.
