Stealing with the Internet of Things
As we get more and more accustomed to the convenience of our everyday objects having network capabilities in the Internet of Things so that we can control our lights, thermostats, baby monitors and countless other things from our phones, we sometimes forget the security risks that are associated with it. Unfortunately a security flaw was recently discovered that allows hackers to use household devices in order to gain access to your smartphone to steal photos and track your every move.
The flaw was found in Belkin’s WeMo home automation devices. The way it works is a hacker looks for an object like a DVR that is connected to a network. Once they have access to the network, they scan for devices that are connected through the WeMo Android app. From there they just hack the app to gain access to a victim’s phone.
To their credit, Belkin fixed the flaw in the app back in August and it is releasing a firmware update to fix the vulnerabilities in devices that use it. Unfortunately, that update is not automatic and will require users to update their devices manually.
While there is no indication that the flaw has been exploited by criminals, it’s an important one to patch as it not only gives hackers full access to a victim’s phone, it also gives them the ability to block owners from updating firmware or removing malware from their devices. At that point their only recourse would be to throw them away.