The popular Chinese manufactured GPS tracker used as a panic alarm for elderly patients, for monitoring kids and tracking vehicles has some major security flaws. UK cyber-security researchers claim that it can leak users’ real-time location and allow it to be remotely deactivated. Although the device doesn’t have access to internet connectivity, however, it uses a SIM card to connect to a cellular network for location tracking.
Cybersecurity firm Fidus Information Security claims that the tracker can be accessed and hacked by anyone who knows the phone number. The device can be hacked by sending a text message with a keyword. Not only this but with another command, devices can also be accessed remotely by calling and in-built microphone can be used for listening. The security firm added that there exists a command which can be even used to thwart the entire cellular signals remotely.
Cybersecurity experts are claiming that despite the option of protecting the device with a PIN, it’s not enabled by default. To their dismay, they found that the device can be reset remotely without any PIN at all.
According to Fidus, in the U.K there are at least 10,000 users of this device alone whereas this device has been in use all around the worlds. The experts claim that they have already informed the manufacturers of the device about this flaw yet the only way to fix this issue is to recall tens of thousands of units already in use around the world.