Popular GPS tracker can be remotely hacked anytime - security firm

in #security5 years ago

A GPS tracker used as a panic alarm has major security flaws that can leak users’ real-time location and allow it to be remotely deactivated, say UK cyber-security researchers. They are calling for an immediate recall.

5cd5a5bfdda4c80a5b8b45e7.jpg
© Reuters / Kacper Pempel

Manufactured in China, the devices are bought in bulk and resold by several companies around the world. While the device itself doesn’t have internet connectivity, it does use a SIM card to connect to a cell network for location tracking. However, almost anyone can give the device commands by knowing its phone number and sending it a text.

sadfsdf.jpg
https://twitter.com/FidusInfoSec/status/1126816175265071104

Commands can allow the device’s current location to be divulged and its built-in microphone to be listened to remotely. It can also be turned off completely – all without the user’s knowledge.

The staggering security breach was uncovered by researchers at British cybersecurity firm Fidus Information Security, who have published a report about their astonishing findings. The researchers note that while the SIM can be protected with a PIN, that setting it not enabled by default and the device can still be reset without needing a PIN.

Marketed as an alarm and panic button for the elderly, a monitoring device for children or a car tracker, the device is utilized by thousands of vulnerable people who think it’s keeping them safe, wrote Fidus.

“This device is marketed at keeping the most vulnerable safe and yet anybody can locate and listen into thousands of people’s lives without their knowledge,” warns Fidus director Andrew Mabbitt, TechCrunch reports.

Mabbitt explained, in the organization’s blog, that while the team have informed manufacturers of the major security flaws, the only way to fix the issue is to recall tens of thousands of units already in use around the world. There are at least 10,000 in use in the UK alone, according to Fidus.

Original: https://www.rt.com/news/459001-gps-shows-real-time-location/

Sort:  

Coin Marketplace

STEEM 0.36
TRX 0.12
JST 0.040
BTC 70846.59
ETH 3567.69
USDT 1.00
SBD 4.79