South Korea recently proposed a plan to keep children safe by requiring their parents to monitor their children through an app. A new research found out that the child-monitoring app the state is trying to impose is not entirely secure.
University of Toronto Citizen Lab researchers found the possible exploit vulnerability of the proposed plan. The app known as Smart Sheriff runs on Android operating system and is fully backed by the South Korean government. According to researchers, the app has a bug that allow hackers to penetrate devices using where the app is installed.
According to PC Mag, the researchers discovered 26 vulnerabilities on the Smart Sheriff app. Some of these vulnerabilities will allow hackers to monitor sensitive user data, steal it and even give them the ability to modify passwords.
Citizen Lab posted its official findings regarding Smart Sheriff on its website. They found out that accounts can be registered as well as managed with little or no proper validation or password. This could lead to the account being comprised or at worse hacked.
The report added, "Attackers could even remotely disrupt some of the functions of phones that have Smart Sheriff installed. In addition, Smart Sheriff's parental limits and controls can be easily disabled and circumvented."
The South Korean government announced in April that all devices sold to children should be bundled by a parental-monitoring software. Several apps were considered for the project but the Korean Communications Commission supported Smart Sheriff. On the other hand, South Korean parents can still choose from a handful of monitoring programs.
Since its release, Smart Sheriff has been downloaded and installed by at least 380,000 users.