An estimated 600,000 GPS tracking devices for sale on Amazon and other large online merchants for $25 $50 have been found vulnerable to a handful of dangerous vulnerabilities. Vulnerabilities in GPS Tracking Devices could enable remote attackers with just an Internet connection to access real-time GPS coordinates of a target device just by sending an SMS to the phone number associated with the SIM card (inserted into the device) Researchers also found that users were directed to an unsecured website to download the device’s companion mobile app, exposing users’ information.
Source: https://thehackernews.com/2019/09/gps-tracking-device-for-kids.html