It seems as each day passes, smart technology is becoming more and more integrated with our daily lives. Everything is becoming connected to make life more convenient. Lots of home appliances and devices now come with built-in cameras, microphones and sensors to give us the best experience possible. However, with these advances come exploitable security flaws that could be used for incredibly invasive purposes.

Check Point Software, a Tel-Aviv based security firm have recently conducted research into LG’s SmartThinQ range of devices. They are all devices that are connected to the internet and can be controlled via a web application. Among them are refrigerators, dishwashers, vacuum cleaners and washing machines.

Notably, their vacuum cleaning device aptly named Hom-Bot, doubles as a security device. The built-in camera also contains a motion sensor that sends alerts to the owner via the installed app.

Check Point were able to exploit a vulnerability within the LG portal login process that allowed them to take control of a Hom-Bot and its camera. This gave them access to a live video from inside a home. You can find their video at the end of the article. 

LG released a patch for the vulnerability on 29th September and have urged all SmartThinQ users to use the following steps to get the latest updates:

  • Update app: Update LG SmartThinQ app to the latest version (V1.9.23), you can update the app via Google play store, Apple's App Store or via LG SmartThinQ app settings.
  • Update devices: Update your LG smart home physical devices with the latest version, you can do that by clicking on the smart home product under SmartThinQ application dashboard (if an update is available you will get a popup alerting you).

Not only is being able to hack into a live-feed broadcasted from within someone’s home a massive breach of privacy, it could easily put someone in a dangerous or vulnerable position to third parties.

As we progress further and further into a more connected world, we are increasingly open to hackers that would manipulate devices for their benefit. Make sure you don’t trade your security for convenience and be aware of the possible risks when buying and installing such devices in your homes.