Home Hacking GPS Location Tracking Services Are Vulnerable To Multiple Vulnerabilities

GPS Location Tracking Services Are Vulnerable To Multiple Vulnerabilities

1 min read
0
0

GPS Location Tracking Services Are Vulnerable To Multiple Vulnerabilities

Security researchers have published a report on a series of flaws that they called “Trackmageddon” that affect many GPS and location tracking services. These security flaws could allow cybercriminals to reveal sensitive data on millions of online location tracking devices controlled by vulnerable GPS services.

Cybercriminals can use the Trackmageddon flaws to expose information such as GPS coordinates, location history, device model and type, serial number, mobile number and maybe private data —depending on the tracking service and device configuration.

They can obtain access to data by using the default credentials (like “123456”), and insecure direct object reference vulnerabilities, which enable an authenticated attacker to access other users’ accounts simply by modifying the value of a parameter in the URL.

The researchers tried to contact the vendors behind the affected tracking services to informing them of the severity of these security flaws. They have published a list of services who patched or may have patched the vulnerabilities, a list of services still exposing data, and a list of vulnerable devices.

Load More Related Articles
Load More In Hacking

Leave a Reply

Your email address will not be published. Required fields are marked *

Check Also

New Cold Boot Attacks Can Evade Current Mitigations

New Cold Boot Attacks Can Evade Current Mitigations Many people tend to put laptops to ‘Sl…