A hacker has broken into nearly 30 000 GPS trackers
Hacker for the sake of experiment gained access to the engine management system
German edition AutoBild reports that a hacker from the US managed to hack tens of thousands of accounts, car GPS trackers. Thus he gained access to such sensitive data as the location of vehicles and many others, and even got into the electronic engine control.
In fact, GPS trackers designed to provide security and help to find stolen cars. But using them, as it turned out, could also have unpleasant consequences. Some technoexpert reported about it in 2018.
But in April 2019, one of the researchers of the program code, simple hacker, decided to test the speculation of technojunkies and achieved success. At least this was stated by the hacker, calling themselves “L&M”. He confirmed that he was using a vulnerability in several tens of thousands of accounts in two applications GPS tracking: 7,000 devices through “iTrack” and more than 20,000 trackers in the “ProTrack”.
Thus, he was able to access through the reverse processing of the programme code, the so-called “reverse engineering”. The hacker gained access to the devices, which was the default password of the GPS tracker: “123456”, sent to customers by default. Apparently, many users do not change this code for individual. As seen extremely reckless.
The purpose of the study: identify gaps in security
L&M found out about the names, telephone numbers, addresses and many other information about users in several countries, including South Africa, Morocco, India and the Philippines. And that’s not all. An authorized user can also remotely turn off the car engine, if the latter is standing or moving at a speed less than 20 km/h.
According to the hacker, it’s not the buyers and the Chinese manufacturers, and checking the security of their devices, and that was his main goal.