LG flaw could have created refrigerator spies


By Dylan Bushell-Embling
Monday, 30 October, 2017

LG flaw could have created refrigerator spies

Check Point Software has discovered a critical vulnerability within LG’s SmartThinQ smart home technologies that would have allowed hackers to remotely control and turn household electronics into spying devices.

The flaw, nicknamed HomeHack, exposed millions of customers to unauthorised control over robot vacuum cleaners, refrigerators, ovens, dishwashers, washing machines and dryers, and air conditioners.

Hackers can exploit the flaw to turn robot vacuum cleaners into spying devices via the attached video camera, switch off refrigerators, turn on ovens and hotplates, and remotely interfere with air-conditioning settings.

Check Point researchers were able to exploit vulnerabilities in the SmartThinQ mobile app to create a fake account and use it to take over a user’s legitimate account, gaining the control required over smart LG appliances.

The company informed LG of the vulnerabilities at the end of July and LG responded by fixing the reported issues at the end of September. The companies are urging customers to update both the app and the devices to the latest version as quickly as possible.

“As more and more smart devices are being used in the home, hackers will shift their focus from targeting individual devices to hacking the apps that control networks of devices. This provides cybercriminals with even more opportunities to exploit software flaws, cause disruption in users’ homes and access their sensitive data,” Check Point Head of Products Vulnerability Research Oded Vanunu said.

“Users need to be aware of the security and privacy risks when using their IoT devices and it’s essential that IoT manufacturers focus on protecting smart devices against attacks by implementing robust security during the design of software and devices.”

Image credit: ©stock.adobe.com/au/wip-studio

Follow us and share on Twitter and Facebook

Related News

Digital trust leaders outperform their peers: research

Companies categorised as leaders in implementing digital trust strategies are reaping the...

IT decision-makers believe AI is key to protect against cyber threats: report

According to reseach, 40% of Australian IT decision-makers believe the use of AI will help them...

New Relic upgrades app security testing suite

The New Relic Interactive Application Security Testing solution has been upgraded with new...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd