Sunday, January 17, 2010

MiFi Attack Exploits GPS To Reveal User's Location

The MiFi by Novatel Wireless (re-branded and sold by multiple vendors such as Sprint and Verizon) is a mobile wifi hotspot. The mifi also has a built in GPS to provide location based searching. Turns out that the web interface to this little device has a lot going on that can be exploited, from gaining the user's GPS data to terminating the user's connectivity.


So for those that weren't paying attention: Any MiFi user that visits a specially crafted page will give up their GPS location to the attacker.

No comments:

Post a Comment