Now a day, it seems, an average user generally places ease and convenience far above than being safe and secure. All we care about is streaming videos or visiting unsecured websites that are malicious in nature despite our ISPs are blocking. Jokes apart, this is the sad reality of techno-sphere these days. Out of all the portable access points that we use, pocket Wi-Fi routers are very much prone to such nefarious attacks though 'backdoor'. Sometimes we mistake hardcoded passwords as a safety measure whereas it is nothing but a way in for hackers.
For starters, most of the portable Wi-Fi routers can send user data (user name, SSID, admin password) in plaintext — all an attacker would have to do is send an SMS message to the portable router and wait for the info to be sent back. Others included LAN port vulnerabilities, easily manipulated settings, and also the ability to inject malicious, unauthenticated commands. To summarise, these are things that 0you probably wouldn't want anyone to be snooping around.
Now, the question remains: What can you do to protect yourself?
Do your study before buying a portable Wi-Fi router. This does not mean simply reading going online and reading reviews. That simply that does not help as most buyers, to begin with, aren't techie enough to explain the security issues associated with the portable routers. Rather, go to technology sites and try to understand the underlying technology behind it and then Google for the device and its security flaws.
Check if you can change the default admin password. In some cases you can, in some cases you can't. Before buying portable routers, make sure you are researching whether the password is hardcoded or not.
Lastly, determine your risk level. This will be different for each user: depending on whether you are noob or pro. Having installed an anti-virus too helps in your connected devices. However, if you using simple and unsophisticated password, then you may want to reassess you portable rounter or modem connection.