It seems as each day passes, smart technology is becoming more and more integrated with our daily lives. Everything is becoming connected to make life more convenient. Lots of home appliances and devices now come with built-in cameras, microphones and sensors to give us the best experience possible. However, with these advances come exploitable security flaws that could be used for incredibly invasive purposes.
Check Point Software, a Tel-Aviv based security firm have recently conducted research into LG’s SmartThinQ range of devices. They are all devices that are connected to the internet and can be controlled via a web application. Among them are refrigerators, dishwashers, vacuum cleaners and washing machines.
Notably, their vacuum cleaning device aptly named Hom-Bot, doubles as a security device. The built-in camera also contains a motion sensor that sends alerts to the owner via the installed app.
Check Point were able to exploit a vulnerability within the LG portal login process that allowed them to take control of a Hom-Bot and its camera. This gave them access to a live video from inside a home. You can find their video at the end of the article.
LG released a patch for the vulnerability on 29th September and have urged all SmartThinQ users to use the following steps to get the latest updates:
- Update app: Update LG SmartThinQ app to the latest version (V1.9.23), you can update the app via Google play store, Apple's App Store or via LG SmartThinQ app settings.
- Update devices: Update your LG smart home physical devices with the latest version, you can do that by clicking on the smart home product under SmartThinQ application dashboard (if an update is available you will get a popup alerting you).
Not only is being able to hack into a live-feed broadcasted from within someone’s home a massive breach of privacy, it could easily put someone in a dangerous or vulnerable position to third parties.
As we progress further and further into a more connected world, we are increasingly open to hackers that would manipulate devices for their benefit. Make sure you don’t trade your security for convenience and be aware of the possible risks when buying and installing such devices in your homes.
https://www.forbes.com/sites/thomasbrewster/2017/10/26/lg-hom-bot-robot-hoover-hacked-into-surveillance-device/#61d86fd1f042 Got a robot hoover buzzing around your home? It's time to take a look at its security, especially if its an LG device. Researchers from Israeli firm Check Point reported a hack of the LG SmartThinQ app that allowed them to remotely take control of the manufacturer's Hom-Bot hoover and use the video feed to spy on anything in the device's vicinity. And, the researchers said, the attack could also compromise refrigerators, ovens, dishwashers, washing machines, dryers and air conditioners -- any connected thing controlled by the LG app.