Technology
GPS trackers for kids exposed real-time location and had default password 123456
If there’s anything worse than picking an easy-to-hack password, it’s being assigned a default easy-to-hack password for your GPS tracker. And, yet, that’s what reportedly happened to at least a half million people.
A report from cybersecurity firm Avast, as reported by The Next Web, found that 29 models of trackers made by Chinese company Shenzhen i365 Tech had vulnerabilities that may have exposed the data of more than 600,000 users.
Each account was assigned an ID number and default password, which just happened to be “123456.” For more than 100,000 users, the exposed data included real-time location information. The report also claimed that design flaws in the trackers allowed “third-parties to ‘spoof’ (or fake) the user’s location, or access the microphone for eavesdropping.”
Making matters even worse: these GPS devices were designed to help parents track their children.
Avast shared a detailed blog post that really gets into the nitty-gritty of their research and how they investigated these vulnerabilities. They scanned 4 million devices and came up with more than 600,000 devices still using the default “123456” passwords.
Then, they scanned a subset of 1 million of those 4 million devices and found it was possible to locate 167,000 of them. Not great! Avast says they made the manufacturer aware of the flaws in late June 2019 but has yet to hear back.
Avast also reports they never heard back from the company and points out that, though they’re made in China, the trackers are sold under various brand names on Amazon, eBay, and Alibaba all over the globe, including in Brazil, Australia, and, yes, the United States.
-
Entertainment6 days ago
Hands-on with the Claude AI app: It’s pleasant to use, but janky
-
Entertainment4 days ago
Apple Watch Series 9 vs. SE: A smartwatch skeptic tested both for 13 days
-
Business6 days ago
Haun Ventures is riding the bitcoin high
-
Entertainment5 days ago
5 essential gadgets for turning your home into a self-care sanctuary
-
Business3 days ago
Google lays off workers, Tesla cans its Supercharger team and UnitedHealthcare reveals security lapses
-
Entertainment4 days ago
The greatest films on Prime Video right now
-
Business5 days ago
Google dubs Epic’s demands from its antitrust win ‘unnecessary’ and ‘far beyond the scope’ of the verdict
-
Business5 days ago
Apple: pay attention to emerging markets, not falling China sales