Security researchers discovered a series of significant security problems in a smartwatch system that is used in applications like programs intended to help the elderly and vulnerable people.
On Thursday, Pen Test Partners cybersecurity experts reported security issues discovered in the SETracker app, childrenand elderly oriented apps particularly those with dementia or individuals who need reminders to perform everyday activities, such as taking coque samsung s8 vrai cuir their medicine.
The GPS tracking software is used by carers to locate their charges coque samsung s8 note rose in tandem with a smartwatch, and in effect, wearers can use the device to make a call should they need assistance.
Don Miss: Saudi Prince Doubted To samsung galaxy coque s8 Hack coque iphone xs blanc Jeff Bezos iPhone Using Israeli Malicious Software
The SETracker app from the Chinese developer 3 G Electronics, deemed necessary to use watches, is accessible on iOS and Android and it has been coque samsung s7 golden state warriors downloaded over 10 million times.
Security breaches in the product however intended that it coque samsung a6 not only carers or loved coque samsung galaxy note 4 militaire ones who coque samsung j7 could keep track of the movements or activities of a wearer.
The vendor software, coque samsung a70 where there are now three types in smartphone devices, is mostly included in the backend of inexpensive smartwatches from different brands on sale. SETracker can also be coque de samsung s6 edge used in helmets and the automobile tech market.
The first big security problem, Pen Test Partners coque samsung s7 cute said, was the detection of an unregulated server to server API. The software may be used to hijack the SETracker program in ways that include, but not limited to, coque samsung s6 edge motif ananas modifying computer keys, making calls, sending text messages, tracking samsung galaxy s7 coque silicone transparente and viewing computer embedded cameras.
If the back end system of a monitor is based on SETracker, fake messages such as commands could be sent, which also are set up to tell wearers to take their meds.
Don Miss: Security Patch For “Wormable” SMBv3 Windows 10 Flaw Issued By Microsoft
The researchers even came across samsung s6 edge coque samsung the source code of the program, which was inadvertently made coque samsung galaxy s7 edge disney stitch open to the public coque samsung s5 chouette via a compiled server file hosting online as an insecure backup.
In the source scripts, server side code, MySQL keys, addresses, SMS and Redis codes, and a hard coded password 123456 is possible to display. A website that housed photographs of users was also available for harassment.
On 22 January, Pen Test Partners released the results to 3G Electronics. It is not clear if any of the safety problems were used in the wild. The vendor confirmed on May coque clear view samsung s8 plus 29 that the file was removed, and therefore all passwords had already been changed…