Undocumented Backdoor that Covertly Takes Snapshots Found in Kids’ Smartwatch
Freeman writes:
A popular smartwatch designed exclusively for children contains an undocumented backdoor that makes it possible for someone to remotely capture camera snapshots, wiretap voice calls, and track locations in real time, a researcher said.
The X4 smartwatch is marketed by Xplora, a Norway-based seller of children's watches. The device, which sells for about $200, runs on Android and offers a range of capabilities
[...] [Norwegian security company Mnemonic's researcher, Harrison] Sand's suspicions were further aroused when he found intents with the following names:
- WIRETAP_INCOMING
- WIRETAP_BY_CALL_BACK
- COMMAND_LOG_UPLOAD
- REMOTE_SNAPSHOT
- SEND_SMS_LOCATION
After more poking around, Sand figured out the intents were activated using SMS text messages that were encrypted with the hardwired key. System logs showed him that the key was stored on a flash chip, so he dumped the contents and obtained it: "#hml;Fy/sQ9z5MDI=$" (quotation marks not included). Reverse engineering also allowed the researcher to figure out the syntax required to activate the remote snapshot function.
"Sending the SMS triggered a picture to be taken on the watch, and it was immediately uploaded to Xplora's server," Sand wrote. "There was zero indication on the watch that a photo was taken. The screen remained off the entire time."
Read more of this story at SoylentNews.