Chennai: Avast, a global leader in digital security products, has discovered serious security vulnerabilities in the T8 Mini GPS tracker and nearly 30 other models by the same manufacturer, Shenzhen i365 Tech.
Marketed to keep kids, seniors, pets, and even possessions safe, instead these devices expose all data sent to the cloud, including exact real-time GPS coordinates. Further, design flaws can enable unwanted third-parties to spoof the location or access the microphone for eavesdropping.
Researchers at Avast Threat Labs estimate that there are 6 lakh unprotected trackers in use globally, but emphasize that these IoT security issues go far beyond the scope of a single vendor. Martin Hron, a senior researcher at Avast who led this research, advises buyers of these products to opt for an alternative from brands that have built security into the product design, specifically secure login and strong data encryption.