Computers can be hacked through a "smart" light bulb


Smart light bulbs can not only make the lighting in an apartment and house more convenient and cheaper but also threaten the safety of their owners.

Experts have proven that hackers can hack computers through smart light bulbs. The vulnerability in the smart home system was noticed by cybersecurity company Check Point.

Experts have discovered a way to hack computers through a lamp using a Philips smart home system. At the first stage, the virus program is downloaded to the victim's smartphone and causes the lighting to fail. Experts have noticed that the only way to fix the problem is to reinstall the app, so the user deletes the program and re-downloads it to their phone.

At the stage when the owner of the lamp connects it to the smart home system, attackers take advantage of the vulnerability in the ZigBee protocol, which Philips uses. At the moment of pairing between the lamp and the smart hub, the malicious algorithm causes an overflow of the system buffer, which bypasses the antivirus and is installed on the computer's disk. After that, the device goes under the remote control of hackers.

Check Point experts said that the study has already attracted the attention of the manufacturer of smart lamps and eliminated the gap in the system. Experts advised owners of the Philips smart home system to update their software.

Experts have found vulnerabilities in Philips smart bulbs (at the moment, the problem with these devices has already been solved), but it is possible that similar vulnerabilities are found in many other smart home devices.

Earlier EHackingNews reported that in the fall of 2019, an IT specialist from Russia and blogger Anna Prosvetova discovered a vulnerability in Xiaomi Furrytail Pet Smart Feeder. Since feeders are used when the owners leave the house for a long time, pets may starve to death. The vulnerability was discovered in the application API through which feeders are controlled.


from E Hacking News - Latest Hacker News and IT Security News https://ift.tt/3bv07gQ