A cyber security firm’s research has found several pet tracking devices to be vulnerable to hackers and other forms of cyber crime.
The Kaspersky research found products made by several well-known brands had vulnerabilities in:
- Bluetooth capabilities that require no authentication for connection
- Trackers and apps transmitting sensitive data such as the owner’s name, email and coordinates
- Not checking HTTPS for connection, making man-in-the-middle scenarios when someone intercepts your wifi traffic
- Authorisation tokens and coordinates can be stored on a device without encryption
- False firmware can be installed
- Commands can be sent to trackers without checking the user ID, meaning commands could be sent by anyone, not just the owner
The vulnerabilities in the products can make it easy for dog nappers to season control of the dogs location and commands.