Thursday, March 28, 2024

Internet-connected baby monitors are vulnerable to attacks

Share

baby monitor

Don’t call a priest just yet if you hear strange voices coming out of your child’s baby monitor — it’s more likely a hacker than some kind of supernatural entity. Security firm Rapid 7 has released a study that shows just how vulnerable at least nine internet-connected baby monitors are. The team tested models from eight manufacturers (including Philips and Withings) this 2015 and found that hackers can easily break into them, not only to scare the living daylights out of a family, but also to monitor their activities. For instance, some models have unencrypted web apps, so hackers can use that flaw to gain access to their cameras.

Others allow users to add people to the list of viewers without authenticating themselves, giving interlopers the power to invite other intruders to livestream what the baby monitor sees. These are but a couple of examples to give you an idea. Unfortunately, among the eight manufacturers whose products were tested, only Philips was responsive and promised to patch up its device’s security hole.

Rapid7 warns that it’s not just pervs with lots of time on their hands parents should be worried about. Industrial spies could also take advantage of the devices’ flaws to steal secrets or keep an eye on high-profile execs who use their phones or computers to connect to their kids’ internet baby monitors. You can read the full report on the firm’s website, containing a list of products they tested and their corresponding weaknesses.

[Image credit: Alamy]

Filed under:
Misc

Comments

Via:
Ars Technica

Source:
Rapid7

Tags: babymonitor, internetofthings, philips, rapid7, withing

Read more

More News