HomeUpdateSmart watches may have many perks but take a look on this

Smart watches may have many perks but take a look on this

-

Last Updated on 07/12/2021 by Nidhi Khandelwal

Researchers looked into the security of four popular children’s smartwatches and discovered pre-installed downloaders, weak passwords, and data flows that were not encrypted.

Smart watches may have many perks but take a look on this 1

According to the findings, most of these gadgets capture sensitive data at random and send it to distant servers on a regular basis without the user’s knowledge.

This is concerning because these devices are rapidly gaining in popularity, with parents purchasing them to track their children’s whereabouts and activities.

The Elari Kidphone 4G, Wokka Lokka Q50, Elari FixiTime Lite, and Smart Baby  were all investigated by the Dr. Web antivirus team.

These are all Android-based smartwatches that are extremely popular in Russia, and their prices range from low to high.

Dr.Web discovered three hidden modules in the Elari Kidphone 4G smartwatch that transfer data to a central place and receive remote orders.

Smart watches may have many perks but take a look on this 2

This communication occurs every eight hours by default, but it can easily be changed to a different interval.

SIM card information, geolocation data, device information, phonebook contacts, installed apps list, SMS count, and phone call history are among the data sent.

Dr. Web is concerned that the Elari Kidphone 4G’s secret modules could be used to install dangerous apps, download, install, launch, or uninstall programmes, and display adverts without the owners’ knowledge.

The Wokka Lokka Q50, which costs around $15 and is popular as a nearly throwaway item, is the most affordable option.

The researchers determined, however, that the watch’s default password (‘123456’) is weak, and that all data sent between it and the Russia-based server is unencrypted.

This makes man-in-the-middle assaults relatively easy to carry out, allowing threat actors to send SMS requests for GPS location, listen in on the wearer’s surroundings remotely, or even change the C&C server IP to one they control completely.

Nidhi Khandelwal
Nidhi Khandelwal
Nidhi is a tech news/research contributor at TheDigitalHacker. She publishes about techno geopolitics, privacy, and data breach.
- Advertisment -[the_ad id="13487"]

Must Read